[
https://issues.apache.org/jira/browse/ACCUMULO-1070?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Keith Turner updated ACCUMULO-1070:
-----------------------------------
Attachment: accumulo-1070-2.patch
Was not able to apply patch #1 because of recent changes. I modified #1 (by
replacing Credential w/ TCredentials) and got it to apply. Then I generated
patch #2.
> Improve the auditing messages that are generated from the server.
> -----------------------------------------------------------------
>
> Key: ACCUMULO-1070
> URL: https://issues.apache.org/jira/browse/ACCUMULO-1070
> Project: Accumulo
> Issue Type: Improvement
> Components: master, tserver
> Affects Versions: 1.4.2
> Reporter: Philip Young
> Assignee: Eric Newton
> Labels: patch, security
> Attachments: accumulo-1070-1.patch, accumulo-1070-2.patch
>
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> Auditing of all user interactions, including system administrators, is
> sometimes required by a companies so that they can retrospectively audit user
> interactions after a security breach. Currently, not all user operations on
> the Accumulo server are generating audit messages and if they are, not in a
> consistent manner.
> The audit created in the AuditedSecurityOperations class are not currently
> creating consistent messages when an user passes the operation validation to
> when they fail the operation validation.
> Also, the Scan operations are not being audited and it would be very useful
> to know who has run scans and what those scans were, by including: the
> principal user, the column families, the ranges, etc.
>
> I am intending to address both of these issues and submit a patch in the next
> week.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
