*1.* For Install 'Hdfs Audit Log Monitor', I have set following config:
1.create two kafka topics: *hdfs_audit_log_sandbox*,
*hdfs_audit_log_enriched_sandbox*
2.stream audit log into topic *hdfs_audit_log_sandbox*
3.Kafka Consumer Topic for HDFS Auditlog : *hdfs_audit_log_sandbox*
The data flow you described should be correct.
But to be accurate, there are two stream processing for hdfs log monitoring.
Processing 1: data preparation, i.e. enrich the raw audit log. Here enrich
means add extra information to raw audit log.
The input is topic hdfs_audit_log_sandbox, and the
