Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-6585

Audit log messages should contain info about the higher level operation being executed

VotersStop watchingWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 0.95.2
    • 0.94.4, 0.95.0
    • security
    • Reviewed

    Description

      Currently, audit log messages contains the "action" for which access was checked; this is one of READ, WRITE, CREATE or ADMIN.

      These give very little information to the person digging into the logs about what was done, though. You can't ask "who deleted rows from table x?", because "delete" is translated to a "WRITE" action.

      It would be nice if the audit logs contained the higher-level operation, either replacing or in addition to the RWCA information.

      Attachments

        1. HBASE-6585-v0.patch
          24 kB
          Matteo Bertozzi
        2. HBASE-6585-v1.patch
          24 kB
          Matteo Bertozzi
        3. HBASE-6585-v2.patch
          28 kB
          Matteo Bertozzi
        4. HBASE-6885-0.94.patch
          27 kB
          Matteo Bertozzi

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            mbertozzi Matteo Bertozzi
            vanzin Marcelo Masiero Vanzin
            Votes:
            0 Vote for this issue
            Watchers:
            7 Stop watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment