[RANGER-3615] Issue with exported audit json builder while writing events to log4j - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.0.0
Component/s: Ranger
Labels:
None

Description

Ref Doc:

https://blog.cloudera.com/auditing-to-external-systems-in-cdp-private-cloud-base/

Here's the example:

{"repoType":3,"repo":"hive","reqUser":"systest","evtTime":"2022-01-20 12:56:31.909","access":"USE","resource":"default","resType":"@database","action":"_any","result":1,"agent":"hiveServer2","policy":14,"enforcer":"ranger-acl","sess":"e162e0ad-717b-4934-9a50-6915de2268c3","cliType":"HIVESERVER2","cliIP":"172.27.27.131","reqData":"show tables","agentHost":"pravinknox-2.pravinknox.root.site","logType":"RangerAudit","id":"d8c7d941-26b7-4390-85dd-4a51e716ae40-0","seq_num":1,"event_count":1,"event_dur_ms":1,"additional_info":"{\"remote-ip-address\":172.27.27.131, \"forwarded-ip-addresses\":[]","cluster_name":"Cluster 1","policy_version":1}

Found some issue parsing the log due to a json format error there are basically missing a '}' at the end of addition_info.

Code Ref:

https://github.com/apache/ranger/blob/master/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java#L270

Attachments

Issue Links

links to

Review Request

Activity

People

Assignee:: Dhaval Shah

Reporter:: Dhaval Shah

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 10/Feb/22 14:51

Updated:: 23/Feb/22 10:21

Resolved:: 23/Feb/22 10:21