Thanks, changing generic_logger.xml worked like a charm! I set Audit to WARN. ~Dylan
On Sun, Mar 15, 2015 at 9:39 PM, Josh Elser <[email protected]> wrote: > On the contrary, if you don't have a *.audit file, it's probably getting > parsed as the audit file wasn't made. > > log4j.properties is only used for "client" applications -- not the server > processes. > > Server processes configure their logging by first looking for a > %s_logger.xml and then %s_logger.properties file where %s is the name of > the process (e.g. tserver, gc). > > Generally, there should be the following in your generic_logger.xml: > > <logger name="Audit"> > <level value="OFF"/> > </logger> > > or in generic_logger.properties (if you remove *_logger.xml): > > log4j.logger.Audit=OFF > > These should probably be in the templates/examples that we provide. It > doesn't appear that they presently are. > > Dylan Hutchison wrote: > >> Yes, here are the contents of conf/auditLog.xml: >> >> <appender name="Audit" >> class="org.apache.log4j.DailyRollingFileAppender"> >> <param name="File" >> value="${org.apache.accumulo.core.dir.log}/${org.apache. >> accumulo.core.ip.localhost.hostname}.audit"/> >> <param name="MaxBackupIndex" value="10"/> >> <param name="DatePattern" value="'.'yyyy-MM-dd"/> >> <layout class="org.apache.log4j.PatternLayout"> >> <param name="ConversionPattern" value="%d{yyyy-MM-dd HH:mm:ss,SSS/Z} >> [%c{2}] %-5p: %m%n"/> >> </layout> >> </appender> >> <logger name="Audit" additivity="false"> >> <appender-ref ref="Audit" /> >> <level value="*OFF*"/> >> </logger> >> >> >> I don't think this file is parsed because if the level were truly OFF, >> then I wouldn't see any audit messages. >> >> On Sun, Mar 15, 2015 at 9:03 PM, Billie Rinaldi >> <[email protected] <mailto:[email protected]>> wrote: >> >> Do you have an auditLog.xml? >> >> On Mar 15, 2015 8:58 PM, "Dylan Hutchison" <[email protected] >> <mailto:[email protected]>> wrote: >> >> Hi there, >> >> I'd like to stop appending INFO-level AUDIT log messages to the >> regular and debug tserver log files. Here is an example log: >> >> 2015-03-15 20:39:26,970 [Audit ] INFO : operation: >> permitted; user: root; client: 127.0.0.1:41256 >> <http://127.0.0.1:41256>; >> >> >> I'm confused how log4j is setup (see ACCUMULO-3546 >> <https://issues.apache.org/jira/browse/ACCUMULO-3546>). I tried >> appending variants of >> >> log4j.logger.Audit=WARN >> >> >> to $ACCUMULO_HOME/conf/log4j.properties, but no luck. There is >> also the generic_logger.xml and generic_logger.properties. >> >> This line of code >> from org.apache.accumulo.server.security.AuditedSecurityOperation >> is >> relevant: >> >> >> public static final String AUDITLOG = "Audit"; >> public static final Logger audit = Logger.getLogger(AUDITLOG); >> >> >> I want to stop this logger. >> >> Regards, >> Dylan Hutchison >> >> >>
