[HBASE-6585] Audit log messages should contain info about the higher level operation being executed - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 0.95.2
Fix Version/s: 0.94.4, 0.95.0
Component/s: security
Labels:
- acl

Hadoop Flags:

Reviewed

Description

Currently, audit log messages contains the "action" for which access was checked; this is one of READ, WRITE, CREATE or ADMIN.

These give very little information to the person digging into the logs about what was done, though. You can't ask "who deleted rows from table x?", because "delete" is translated to a "WRITE" action.

It would be nice if the audit logs contained the higher-level operation, either replacing or in addition to the RWCA information.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HBASE-6885-0.94.patch
19/Dec/12 08:56
27 kB
Matteo Bertozzi
HBASE-6585-v2.patch
18/Dec/12 11:52
28 kB
Matteo Bertozzi
HBASE-6585-v1.patch
04/Oct/12 23:24
24 kB
Matteo Bertozzi
HBASE-6585-v0.patch
18/Aug/12 13:16
24 kB
Matteo Bertozzi

Activity

People

Assignee:: Matteo Bertozzi

Reporter:: Marcelo Masiero Vanzin

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 14/Aug/12 21:44

Updated:: 26/Feb/13 08:23

Resolved:: 19/Dec/12 16:33