[
https://issues.apache.org/jira/browse/IMPALA-8768?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16965087#comment-16965087
]
ASF subversion and git services commented on IMPALA-8768:
---------------------------------------------------------
Commit 49a31aef0b71e94cbbea412a4071721b3b5f5359 in impala's branch
refs/heads/master from Alex Rodoni
[ https://gitbox.apache.org/repos/asf?p=impala.git;h=49a31ae ]
IMPALA-8768: [DOCS] Added conditions for queries recorded in audit log
Change-Id: I809e716e66558db02e6401bd218b3dd2de49864c
Reviewed-on: http://gerrit.cloudera.org:8080/14575
Tested-by: Impala Public Jenkins <[email protected]>
Reviewed-by: Tim Armstrong <[email protected]>
> Clarifying the conditions in which audit logs record a query
> ------------------------------------------------------------
>
> Key: IMPALA-8768
> URL: https://issues.apache.org/jira/browse/IMPALA-8768
> Project: IMPALA
> Issue Type: Task
> Components: Docs
> Affects Versions: Impala 2.13.0, Impala 3.3.0
> Reporter: Vincent Tran
> Assignee: Alexandra Rodoni
> Priority: Minor
> Fix For: Impala 3.4.0
>
>
> Currently, Impala documentation highlights the following cases as operations
> which the audit logs will record:
> {noformat}
> Which Operations Are Audited
> The kinds of SQL queries represented in the audit log are:
> Queries that are prevented due to lack of authorization.
> Queries that Impala can analyze and parse to determine that they are
> authorized. The audit data is recorded immediately after Impala finishes its
> analysis, before the query is actually executed.
> The audit log does not contain entries for queries that could not be parsed
> and analyzed. For example, a query that fails due to a syntax error is not
> recorded in the audit log. The audit log also does not contain queries that
> fail due to a reference to a table that does not exist, if you would be
> authorized to access the table if it did exist.
> Certain statements in the impala-shell interpreter, such as CONNECT, SUMMARY,
> PROFILE, SET, and QUIT, do not correspond to actual SQL queries, and these
> statements are not reflected in the audit log.
> {noformat}
> However, based on[1], there is an unmentioned condition that the client must
> have issued at least one fetch for analyzed queries to be recorded in audit
> logs.
> [1]
> https://github.com/apache/impala/blob/b3b00da1a1c7b98e84debe11c10258c4a0dff944/be/src/service/impala-server.cc#L690-L734
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
