[jira] [Commented] (RANGER-2533) After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still logged
[ https://issues.apache.org/jira/browse/RANGER-2533?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16925434#comment-16925434 ] peng.jianhua commented on RANGER-2533: -- Thanks for the fix! Merged to master. > After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still > logged > --- > > Key: RANGER-2533 > URL: https://issues.apache.org/jira/browse/RANGER-2533 > Project: Ranger > Issue Type: Bug > Components: audit >Affects Versions: 2.1.0 >Reporter: Peng Xing >Assignee: Peng Xing >Priority: Major > Fix For: 2.1.0 > > Attachments: > 0001-RANGER-2533-After-setting-xasecure.audit.is.enabled-.patch, > RANGER-2533.patch > > > After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still > logged -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Commented] (RANGER-2533) After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still logged
[ https://issues.apache.org/jira/browse/RANGER-2533?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16919995#comment-16919995 ] Peng Xing commented on RANGER-2533: --- [~madhan.neethiraj],I have submitted a patch, please review it. Thanks! Review Requet: [https://reviews.apache.org/r/71418/] > After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still > logged > --- > > Key: RANGER-2533 > URL: https://issues.apache.org/jira/browse/RANGER-2533 > Project: Ranger > Issue Type: Bug > Components: audit >Affects Versions: 2.1.0 >Reporter: Peng Xing >Assignee: Peng Xing >Priority: Major > Fix For: 2.1.0 > > Attachments: > 0001-RANGER-2533-After-setting-xasecure.audit.is.enabled-.patch, > RANGER-2533.patch > > > After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still > logged -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Commented] (RANGER-2533) After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still logged
[ https://issues.apache.org/jira/browse/RANGER-2533?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16919597#comment-16919597 ] Madhan Neethiraj commented on RANGER-2533: -- [~xingpeng1] - to avoid breaking deployments where {{xasecure.audit.is.enabled}} is not set in configuration file, please update default value to 'true' in AuditProviderFactory.java, which will make the unit test changes in this patch unnecessary: {code:java} boolean isEnabled = MiscUtil.getBooleanProperty(props, AUDIT_IS_ENABLED_PROP, false); {code} > After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still > logged > --- > > Key: RANGER-2533 > URL: https://issues.apache.org/jira/browse/RANGER-2533 > Project: Ranger > Issue Type: Bug > Components: audit >Affects Versions: 2.1.0 >Reporter: Peng Xing >Assignee: Peng Xing >Priority: Major > Fix For: 2.1.0 > > Attachments: > 0001-RANGER-2533-After-setting-xasecure.audit.is.enabled-.patch > > > After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still > logged -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Commented] (RANGER-2533) After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still logged
[ https://issues.apache.org/jira/browse/RANGER-2533?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16917490#comment-16917490 ] Peng Xing commented on RANGER-2533: --- [~madhan.neethiraj], thanks for your suggestion. {quote}configuration xasecure.audit.is.enabled exists for backward compatibility with earlier version of Audit configuration (in the code known as V2 configuration) {quote} The user does not know that {{xasecure.audit.is.enabled}} is the V2 configuration, which may cause confusion. I think this configuration should also apply to the V3 version, and this configuration will be more convenient to enable/disable audit. {quote}this change is will disable auditing for all plugins, except the ones where xasecure.audit.is.enabled is explicitly set to true. {quote} After the plugin is installed, {{xasecure.audit.is.enabled}} will be generated in all {{ranger-xxx-audit.xml}} and the default value is {{true}}. So in default, this change does not disable audit for all plugins. {quote}update default value for xasecure.audit.is.enabled as true {quote} I agree with you. . Thanks > After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still > logged > --- > > Key: RANGER-2533 > URL: https://issues.apache.org/jira/browse/RANGER-2533 > Project: Ranger > Issue Type: Bug > Components: audit >Affects Versions: 2.1.0 >Reporter: Peng Xing >Assignee: Peng Xing >Priority: Major > Fix For: 2.1.0 > > Attachments: > 0001-RANGER-2533-After-setting-xasecure.audit.is.enabled-.patch > > > After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still > logged -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Commented] (RANGER-2533) After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still logged
[ https://issues.apache.org/jira/browse/RANGER-2533?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16916826#comment-16916826 ] Madhan Neethiraj commented on RANGER-2533: -- [~peng.jianhua] - configuration {{xasecure.audit.is.enabled}} exists for backward compatibility with earlier version of Audit configuration (in the code known as V2 configuration). In current version (known as V3 in the code), the configuration requires enable/disable of each audit destination - like: {noformat} xasecure.audit.destination.solr=false xasecure.audit.destination.hdfs=false {noformat} If no destination is enabled, audit will be disabled. The patch in this JIRA disables audit when {{xasecure.audit.is.enabled}} is not set to true. Given {{false}} being the default value for this property - see following code in AuditProviderFactory.java, this change is will disable auditing for all plugins, except the ones where {{xasecure.audit.is.enabled}} is explicitly set to {{true}}. {code:java} boolean isEnabled = MiscUtil.getBooleanProperty(props, AUDIT_IS_ENABLED_PROP, false); {code} I suggest couple of options: # revert this patch; anyone requiring audit to be disabled should explicitly set 'false' for each destination. # update default value for {{xasecure.audit.is.enabled}} as {{true}} > After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still > logged > --- > > Key: RANGER-2533 > URL: https://issues.apache.org/jira/browse/RANGER-2533 > Project: Ranger > Issue Type: Bug > Components: audit >Affects Versions: 2.1.0 >Reporter: Peng Xing >Assignee: Peng Xing >Priority: Major > Fix For: 2.1.0 > > Attachments: > 0001-RANGER-2533-After-setting-xasecure.audit.is.enabled-.patch > > > After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still > logged -- This message was sent by Atlassian Jira (v8.3.2#803003)