Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-6585

Audit log messages should contain info about the higher level operation being executed

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 0.95.2
    • 0.94.4, 0.95.0
    • security
    • Reviewed

    Description

      Currently, audit log messages contains the "action" for which access was checked; this is one of READ, WRITE, CREATE or ADMIN.

      These give very little information to the person digging into the logs about what was done, though. You can't ask "who deleted rows from table x?", because "delete" is translated to a "WRITE" action.

      It would be nice if the audit logs contained the higher-level operation, either replacing or in addition to the RWCA information.

      Attachments

        1. HBASE-6585-v0.patch
          24 kB
          Matteo Bertozzi
        2. HBASE-6585-v1.patch
          24 kB
          Matteo Bertozzi
        3. HBASE-6585-v2.patch
          28 kB
          Matteo Bertozzi
        4. HBASE-6885-0.94.patch
          27 kB
          Matteo Bertozzi

        Activity

          People

            mbertozzi Matteo Bertozzi
            vanzin Marcelo Masiero Vanzin
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: