Description
If hive service is associated with a tag service, then when a ‘show databases’ command is authorized by Ranger, potentially, all tags associated with all hive entities are evaluated to determine the authorization of the command. Consequently, the audit log record generated for it will show, in the tags field, every tag provisioned for any hive entity in Ranger. With large number of tags associated with hive entities, the audit log is very cluttered and does not convey meaningful information. For the sake of usability, it will be better not to log all tags in the corresponding audit log record for this specific command.