[ 
https://issues.apache.org/jira/browse/HDDS-98?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16590899#comment-16590899
 ] 

Dinesh Chitlangia edited comment on HDDS-98 at 8/24/18 5:03 AM:
----------------------------------------------------------------

[~jnp] Thank you for the feedback.
{quote}The username executing the command should be a top level field.
{quote}
Yes, I am currently working on this. 

I propose the following format:

{{xxxx/172.1.1.1}} followed by the rest of the information being logged for
the said action.

This is to avoid conflict with the username field in some of the actions like
createVolume, where VolumeArgs will contain a similar field which may not
necessarily be the same as the remoteUser making that call.

Also, since we are using StructuredDataMessage for logging, the id cannot
exceed 32 characters. Thus, by using the format {{remote xxxx/172.1.1.1}} we
can restrict the id to under 32 characters.

 
{quote}We may not need INFO/DEBUG information because audit logs are usually 
controlled operations that should be recorded, and not by log levels.
{quote}
So, for the write/read success events, we can log at Level ALL and for failures 
we can log at ERROR.

 

Let me know if the above proposals sound good.

 

Here are the sample logs from this approach:

{{2018-08-24 04:57:28,685 | INFO | OMAudit | CREATE_VOLUME [xiaoyu/172.18.0.3 admin="xiaoyu" creationTime="0" owner="xiaoyu" quotaInBytes="1099511627776" volume="xmen"] SUCCESS |}}

{{2018-08-24 04:59:20,312 | INFO | OMAudit | CREATE_VOLUME [anu/172.18.0.2 admin="anu" creationTime="0" owner="anu" quotaInBytes="8796093022208" volume="don"] SUCCESS |}}

 

 


> Adding Ozone Manager Audit Log
> ------------------------------
>
>                 Key: HDDS-98
>                 URL: https://issues.apache.org/jira/browse/HDDS-98
>             Project: Hadoop Distributed Data Store
>          Issue Type: Sub-task
>            Reporter: Xiaoyu Yao
>            Assignee: Dinesh Chitlangia
>            Priority: Major
>              Labels: Logging, audit
>             Fix For: 0.2.1
>
>         Attachments: HDDS-98.001.patch, HDDS-98.002.patch, HDDS-98.003.patch, 
> audit.log, log4j2.properties
>
>
> This ticket is opened to add ozone manager's audit log. 
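
An added illustration, not part of the original comment or the Ozone code base: a small Python parser for the audit line layout shown in the sample logs, keeping the caller (user/ip) as separate top-level fields and flagging lines where the caller differs from the `owner` argument, the case the comment says can occur. The function names are hypothetical, and the third and fourth sample lines are constructed.

```python
import re

# Layout follows the sample lines in the comment:
#   time | level | logger | ACTION [user/ip key="value" ...] RESULT |
LINE_RE = re.compile(
    r'^(?P<time>[^|]+?) \| (?P<level>\w+) \| (?P<logger>\w+) \| '
    r'(?P<action>\w+) \[(?P<user>[^/\s\]]+)/(?P<ip>[^\s\]]+)'
    r'(?P<params>[^\]]*)\] (?P<result>\w+) \|$'
)
PARAM_RE = re.compile(r'(\w+)="([^"]*)"')
MAX_ID_LEN = 32  # id limit stated in the comment

def parse_audit_line(line):
    """Split one line into fields, caller kept apart from the action's arguments."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None  # does not match the layout
    rec = m.groupdict()
    rec["params"] = dict(PARAM_RE.findall(rec["params"]))
    return rec

def review(lines):
    """Return (line_number, reason) pairs for lines an auditor should look at."""
    findings = []
    for n, line in enumerate(lines, 1):
        rec = parse_audit_line(line)
        if rec is None:
            findings.append((n, "unparseable"))
            continue
        if len(rec["user"] + "/" + rec["ip"]) > MAX_ID_LEN:
            findings.append((n, "caller id over 32 characters"))
        owner = rec["params"].get("owner")
        if owner is not None and owner != rec["user"]:
            findings.append((n, "caller %s is not owner %s" % (rec["user"], owner)))
    return findings

SAMPLE = [
    # The first two entries are the sample lines from the comment, unwrapped.
    '2018-08-24 04:57:28,685 | INFO | OMAudit | CREATE_VOLUME [xiaoyu/172.18.0.3 '
    'admin="xiaoyu" creationTime="0" owner="xiaoyu" quotaInBytes="1099511627776" volume="xmen"] SUCCESS |',
    '2018-08-24 04:59:20,312 | INFO | OMAudit | CREATE_VOLUME [anu/172.18.0.2 '
    'admin="anu" creationTime="0" owner="anu" quotaInBytes="8796093022208" volume="don"] SUCCESS |',
    # Constructed: the caller is not the user named in the owner argument.
    '2018-08-24 05:10:00,000 | INFO | OMAudit | CREATE_VOLUME [admin1/172.18.0.4 '
    'admin="admin1" creationTime="0" owner="anu" quotaInBytes="1024" volume="v3"] SUCCESS |',
    # Constructed: a line without the user/ip prefix, which must not parse.
    '2018-08-24 05:11:00,000 | INFO | OMAudit | CREATE_VOLUME [admin="anu" '
    'creationTime="0" owner="anu" quotaInBytes="1024" volume="v4"] SUCCESS |',
]
```

Calling `review(SAMPLE)` reports only the two constructed lines; a value containing `]` would also be reported as unparseable rather than silently mis-split.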


