[
https://issues.apache.org/jira/browse/HDFS-16944?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Beibei Zhao updated HDFS-16944:
-------------------------------
Description:
We found that in other components (like namenode in hdfs or resourcemanager in
yarn), *debug log and audit log are recorded separately*.
There are lots of *simple* logs to help with debugging for the *developers* who
can access the source code. And there are also audit logs that record *privileged
operations* with more *detailed* information to help *system admins* understand
what happened in a real run.
There is an example in yarn:
{code:java}
public static final Log auditLog = LogFactory.getLog(
    FSNamesystem.class.getName() + ".audit");
try {
  // Safety
  userUgi = UserGroupInformation.getCurrentUser();
  user = userUgi.getShortUserName();
} catch (IOException ie) {
  LOG.warn("Unable to get the current user.", ie); // debug log
  RMAuditLogger.logFailure(user, AuditConstants.SUBMIT_APP_REQUEST,
      ie.getMessage(), "ClientRMService",
      "Exception in submitting application", applicationId, callerContext,
      submissionContext.getQueue()); // audit log
  throw RPCUtil.getRemoteException(ie);
}
{code}
So I suggest adding an audit log for *RouterAdminServer* to save privileged
operation logs separately.
{code:java}
// hadoop security
public static final Logger AUDITLOG =
    LoggerFactory.getLogger(
        "SecurityLogger." + ServiceAuthorizationManager.class.getName());
// namenode
public static final Log auditLog = LogFactory.getLog(
    FSNamesystem.class.getName() + ".audit");
{code}
I choose className.audit finally.
was:
We found that in other components (like namenode in hdfs or resourcemanager in
yarn), *debug log and audit log are recorded separately*.
There are lots of *simple *logs* to help with debugging for the *developers
*who can access the source code. And there are also audit logs that record
*privileged operations* with more *detailed* information to help *system
admins* understand what happened in a real run.
There is an example in yarn:
{code:java}
public static final Log auditLog = LogFactory.getLog(
    FSNamesystem.class.getName() + ".audit");
try {
  // Safety
  userUgi = UserGroupInformation.getCurrentUser();
  user = userUgi.getShortUserName();
} catch (IOException ie) {
  LOG.warn("Unable to get the current user.", ie); // debug log
  RMAuditLogger.logFailure(user, AuditConstants.SUBMIT_APP_REQUEST,
      ie.getMessage(), "ClientRMService",
      "Exception in submitting application", applicationId, callerContext,
      submissionContext.getQueue()); // audit log
  throw RPCUtil.getRemoteException(ie);
}
{code}
So I suggest adding an audit log for *RouterAdminServer* to save privileged
operation logs separately.
{code:java}
// hadoop security
public static final Logger AUDITLOG =
    LoggerFactory.getLogger(
        "SecurityLogger." + ServiceAuthorizationManager.class.getName());
// namenode
public static final Log auditLog = LogFactory.getLog(
    FSNamesystem.class.getName() + ".audit");
{code}
I choose className.audit finally.
> Add audit log for RouterAdminServer to save privileged operation log
> separately.
> --------------------------------------------------------------------------------
>
> Key: HDFS-16944
> URL: https://issues.apache.org/jira/browse/HDFS-16944
> Project: Hadoop HDFS
> Issue Type: Improvement
> Components: federation
> Affects Versions: 3.3.4
> Reporter: Beibei Zhao
> Priority: Major
>
> We found that in other components (like namenode in hdfs or resourcemanager
> in yarn), *debug log and audit log are recorded separately*.
> There are lots of *simple* logs to help with debugging for the *developers*
> who can access the source code. And there are also audit logs that record
> *privileged operations* with more *detailed* information to help *system
> admins* understand what happened in a real run.
> There is an example in yarn:
> {code:java}
> public static final Log auditLog = LogFactory.getLog(
>     FSNamesystem.class.getName() + ".audit");
> try {
>   // Safety
>   userUgi = UserGroupInformation.getCurrentUser();
>   user = userUgi.getShortUserName();
> } catch (IOException ie) {
>   LOG.warn("Unable to get the current user.", ie); // debug log
>   RMAuditLogger.logFailure(user, AuditConstants.SUBMIT_APP_REQUEST,
>       ie.getMessage(), "ClientRMService",
>       "Exception in submitting application", applicationId, callerContext,
>       submissionContext.getQueue()); // audit log
>   throw RPCUtil.getRemoteException(ie);
> }
> {code}
> So I suggest adding an audit log for *RouterAdminServer* to save privileged
> operation logs separately.
> {code:java}
> // hadoop security
> public static final Logger AUDITLOG =
>     LoggerFactory.getLogger(
>         "SecurityLogger." + ServiceAuthorizationManager.class.getName());
> // namenode
> public static final Log auditLog = LogFactory.getLog(
>     FSNamesystem.class.getName() + ".audit");
> {code}
> I choose className.audit finally.
>
>
>
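The className.audit convention described in the issue, as an added, self-contained sketch that is not part of the issue or of Hadoop's code. It uses java.util.logging in place of Hadoop's logging facade; the class name, the addMountTableEntry operation and the tab-separated record layout are assumptions made for illustration.

```java
import java.util.logging.Formatter;
import java.util.logging.LogRecord;
import java.util.logging.Logger;
import java.util.logging.StreamHandler;

public class RouterAdminAuditDemo {
  // Debug logger for developers; goes to the default (root) handlers.
  static final Logger LOG = Logger.getLogger(RouterAdminAuditDemo.class.getName());
  // Audit logger named className + ".audit", the convention chosen in the issue.
  static final Logger AUDIT =
      Logger.getLogger(RouterAdminAuditDemo.class.getName() + ".audit");

  // Replace control characters so a caller-supplied value cannot forge audit lines.
  static String clean(String v) {
    return v == null ? "null" : v.replaceAll("\\p{Cntrl}", "_");
  }

  // One record per privileged operation: outcome, caller, command, target.
  static void audit(boolean allowed, String user, String cmd, String target) {
    AUDIT.info(String.format("allowed=%b\tugi=%s\tcmd=%s\tsrc=%s",
        allowed, clean(user), clean(cmd), clean(target)));
  }

  // Hypothetical privileged operation standing in for a RouterAdminServer call.
  static void addMountTableEntry(String user, boolean isAdmin, String mount) {
    if (!isAdmin) {
      LOG.warning("Permission check failed in addMountTableEntry"); // debug log
      audit(false, user, "addMountTableEntry", mount);              // audit log
      throw new SecurityException("Permission denied: " + clean(user));
    }
    audit(true, user, "addMountTableEntry", mount);
  }

  public static void main(String[] args) {
    StreamHandler auditOut = new StreamHandler(System.out, new Formatter() {
      @Override public String format(LogRecord r) {
        return r.getMillis() + "\t" + r.getMessage() + System.lineSeparator();
      }
    });
    AUDIT.addHandler(auditOut);
    AUDIT.setUseParentHandlers(false); // keep audit records out of the debug log

    addMountTableEntry("hdfsadmin", true, "/data");
    try {
      addMountTableEntry("alice", false, "/tmp\nallowed=true\tugi=root"); // constructed input
    } catch (SecurityException expected) {
      // The denial was already written to the audit log before the throw.
    }
    auditOut.flush();
  }
}
```

Because the audit logger's name is a child of the class logger's name, setUseParentHandlers(false) is what keeps the two streams apart; without it every audit record would also reach the debug handlers.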