Hi
I am using Hortonworks HDP-2.3.4.0 and Ranger 0.5.0.2.3.
I configured Ranger to write Hive audit log to HDFS.
After restarting Hive it writes audit log to HDFS about two days and
after it gives following error in Hive log:
2016-08-10 09:31:34,438 INFO
[hiveServer2.async.summary.batch_hiveServer2.async.summary.batch.hdfs_destWriter]:
provider.BaseAuditHandler (BaseAuditHandler.java:logStatus(312)) - Audit
Status Log: name=hiveServer2.async.summary.batch.hdfs,
interval=01:00.066 minutes, events=1, deferredCount=1, totalEvents=6657,
totalSuccessCount=5203, totalDeferredCount=1454
2016-08-10 09:31:34,443 INFO
[hiveServer2.async.summary.batch_hiveServer2.async.summary.batch.hdfs_destWriter]:
destination.HDFSAuditDestination
(HDFSAuditDestination.java:createConfiguration(263)) - Returning HDFS
Filesystem Config: Configuration: core-default.xml, core-site.xml,
mapred-default.xml, mapred-site.xml, yarn-default.xml, yarn-site.xml,
hdfs-default.xml, hdfs-site.xml
2016-08-10 09:31:34,457 INFO
[hiveServer2.async.summary.batch_hiveServer2.async.summary.batch.hdfs_destWriter]:
destination.HDFSAuditDestination
(HDFSAuditDestination.java:getLogFileStream(224)) - Checking whether log
file exists.
hdfPath=hdfs://mycluster/datasource/ranger/audit/hiveServer2//2016/08/10/hiveServer2_ranger_audit_hadoopnn1.estpak.ee.log,
UGI=hive/hadoopnn1.estpak...@testhadoop.com (auth:KERBEROS)
2016-08-10 09:31:34,459 WARN
[hiveServer2.async.summary.batch_hiveServer2.async.summary.batch.hdfs_destWriter]:
ipc.Client (Client.java:run(680)) - Exception encountered while
connecting to the server :
javax.security.sasl.SaslException: GSS initiate failed [Caused by
GSSException: No valid credentials provided (Mechanism level: Failed to
find any Kerberos tgt)]
Hive is still working correctly after it. After restarting Hive it
writes again audit log to HDFS about two days.
Any hints?
--
Margus (margusja) Roo
http://margus.roo.ee
skype: margusja
+372 51 48 780
