Hadoop HDFS
  1. Hadoop HDFS
  2. HDFS-3535

Audit logging should log denied accesses

    Details

    • Type: New Feature New Feature
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.0-alpha
    • Fix Version/s: 2.0.2-alpha
    • Component/s: namenode
    • Labels:
      None
    • Hadoop Flags:
      Reviewed

      Description

      FSNamesystem.java logs an audit log entry when a user successfully accesses the filesystem:

            logAuditEvent(UserGroupInformation.getLoginUser(),
                          Server.getRemoteIp(),
                          "concat", Arrays.toString(srcs), target, resultingStat);
      

      but there is no similar log when a user attempts to access the filesystem and is denied due to permissions. Competing systems do provide such logging of denied access attempts; we should too.

      1. hdfs-3535.txt
        14 kB
        Andy Isaacson
      2. hdfs-3535-1.txt
        22 kB
        Andy Isaacson
      3. hdfs-3535-2.txt
        21 kB
        Andy Isaacson

        Activity

        No work has yet been logged on this issue.

          People

          • Assignee:
            Andy Isaacson
            Reporter:
            Andy Isaacson
          • Votes:
            0 Vote for this issue
            Watchers:
            10 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development