[RANGER-1841] Audit log record for 'use dbName' hive command contains large number of tags - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.7.0
Component/s: plugins
Labels:
None

Description

When a Hive service is configured for tag-based authorization, the audit log generated for ‘use dbName’ command would contain all the tags associated with: the database, all tables in the database, all the columns in the database. The number of tags in this audit log could be too many; and having such large number of tags in audit logs of 'use <dbName>' command may not be useful. It will be better not to log tags in audit logs for 'use <dbName>' commands. Policy-id recorded in the audit log can be used to identity the tag, if a tag-based policy authorized the command.

Attachments

Activity

People

Assignee:: Abhay Kulkarni

Reporter:: Madhan Neethiraj

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 16/Oct/17 21:31

Updated:: 08/Dec/21 08:19

Resolved:: 16/Oct/17 23:57