[jira] [Comment Edited] (HDFS-13270) RBF: Router audit logger

Tue, 27 Aug 2019 16:53:07 -0700 


    [ 
https://issues.apache.org/jira/browse/HDFS-13270?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16917278#comment-16917278
 ] 

Wei-Chiu Chuang edited comment on HDFS-13270 at 8/27/19 11:52 PM:
------------------------------------------------------------------

[~hemanthboyina] thanks for the patch. It's quite a big patch so I didn't 
review carefully. I was going to ask you to take care of the javac, checkstyle 
and whitespace warnings, but I think let's get the following right:

The purpose of audit logger is such that an operation can be logged with 
details. Say I set ec policy setErasureCodingPolicy(String src, String 
ecPolicyName) on a file which is denied, the administrator can use the audit 
log to find out why. It would be important to log both file name (src) and 
policy name (ecPolicyName) so the administrator can do a post-mortem. Please 
review the patch again and determine if sufficient information is logged.

 

You may take a look at NameNode's implementation (FSNamesystem) to get a sense, 
and also get the parity of what NameNode logs now


was (Author: jojochuang):
[~hemanthboyina] thanks for the patch. It's quite a big patch so I didn't 
review carefully. I was going to ask you to take care of the javac, checkstyle 
and whitespace warnings, but I think let's get the following right:

The purpose of audit logger is such that an operation can be logged with 
details. Say I set ec policy setErasureCodingPolicy(String src, String 
ecPolicyName) on a file which is denied, the administrator can use the audit 
log to find out why. It would be important to log both file name (src) and 
policy name (ecPolicyName) so the administrator can do a post-mortem. Please 
review the patch again and determine if sufficient information is logged.

> RBF: Router audit logger
> ------------------------
>
>                 Key: HDFS-13270
>                 URL: https://issues.apache.org/jira/browse/HDFS-13270
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: hdfs
>    Affects Versions: 3.2.0
>            Reporter: maobaolong
>            Assignee: hemanthboyina
>            Priority: Major
>         Attachments: HDFS-13270.001.patch, HDFS-13270.002.patch, 
> HDFS-13270.003.patch
>
>
> We can use router auditlogger to log the client info and cmd, because the 
> FSNamesystem#Auditlogger's log think the client are all from router.



--
This message was sent by Atlassian Jira
(v8.3.2#803003)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to