subject:"\[PR\] RANGER\-XXXX\: Fix problem with ElasticSearch as Audit database \[ranger\]"

Re: [PR] RANGER-XXXX: Fix problem with ElasticSearch as Audit database [ranger]

2024-05-14 Thread via GitHub



FerArribas14 commented on PR #314:
URL: https://github.com/apache/ranger/pull/314#issuecomment-2110298498

   Thank you @ognjen-it. I had a problem with the configuration of a plugin. 
Now it works correctly :) 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@ranger.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] RANGER-XXXX: Fix problem with ElasticSearch as Audit database [ranger]

2024-05-14 Thread via GitHub



ognjen-it commented on PR #314:
URL: https://github.com/apache/ranger/pull/314#issuecomment-2109464015

   Hi @FerArribas14,
   
   The version of ElasticSearch is 7.10.2 (latest with Apache 2.0 license).
   Everything looks good on your screenshots, ranger-admin successfully created 
the index and now some plugins need to start writing data.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@ranger.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] RANGER-XXXX: Fix problem with ElasticSearch as Audit database [ranger]

2024-05-13 Thread via GitHub



FerArribas14 commented on PR #314:
URL: https://github.com/apache/ranger/pull/314#issuecomment-2109057763

   Hi, what version of elasticsearch are you testing on localhost:9200? I can't 
get it to write audit events to elasticsearch. There are no errors in the 
ranger admin logs and the index has been created correctly.
   
   I have everything deployed in docker. I have created an elasticsearch 
service in docker compose.
   
   Thanks,


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@ranger.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] RANGER-XXXX: Fix problem with ElasticSearch as Audit database [ranger]

2024-05-13 Thread via GitHub

ognjen-it opened a new pull request, #314:
URL: https://github.com/apache/ranger/pull/314

## What changes were proposed in this pull request?

I tried to create a user on Apache Jira but I've not received confirmation
yet. Until that, I'm opening this pull request for all whos seeing problems
with audit. I'm not sure if I need to do the same on the master branch?

1. Lucene version - fixed problem with writing data to ElasticSearch
**Error**: java.lang.NoSuchFieldError: LUCENE_8_5_1

I tried to change minor version one by one, but only latest version fit for
me.

Changes:
- agents-audit/pom.xml: 311
- pom.xml: 241

2. Elastic search protocol - fixed problem with changing protocol

Even though I changed ranger.audit.elasticsearch.protocol from http to
https, audit plugin still using http protocol.

Changes:
- security-admin/scripts/ranger-admin-site-template.xml: 167-170
- security-admin/scripts/setup.sh: 79, 794-797
- security-admin/scripts/upgrade_admin.py: 116
- security-admin/src/main/resources/conf.dist/ranger-admin-site.xml: 53-57
-
security-admin/src/test/java/org/apache/ranger/elasticsearch/ElasticSearchAccessAuditsServiceTest.java:
56

3. Audit plugin - cannot write audit to ES

**Error**: bootstrap method initialization exception

After changing the version of httpcomponents I started seeing audit

Changes:
- pom.xml: 137, 138, 140

4. Ranger admin console - Audit show 1-1-1970
**Erro**: Error converting value to date. Value = 2024-05-13T13:08:47.905Z

Even though evtTime was ok in ElasticSearch, ranger couldn't show it on GUI.

Changes:
-
security-admin/src/main/java/org/apache/ranger/elasticsearch/ElasticSearchAccessAuditsService.java:
260
-
security-admin/src/main/java/org/apache/ranger/solr/SolrAccessAuditsService.java:
239

## How was this patch tested?

I tested it manually.

ElasticSearch:
https://github.com/apache/ranger/assets/44586606/0ca72983-4cea-4484-9cf4-845ee5bd0a91;>

Ranger:
https://github.com/apache/ranger/assets/44586606/d52071d7-fe04-4199-a45b-3f7d1ec55974;>

--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@ranger.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] RANGER-XXXX: Fix problem with ElasticSearch as Audit database [ranger]

Re: [PR] RANGER-XXXX: Fix problem with ElasticSearch as Audit database [ranger]

Re: [PR] RANGER-XXXX: Fix problem with ElasticSearch as Audit database [ranger]

[PR] RANGER-XXXX: Fix problem with ElasticSearch as Audit database [ranger]

4 matches

Site Navigation

Mail list logo

Footer information