Major Description
For hive plugin resource_path field of xa_access_audit table would be formatted like: database/table/col1,col2,col3. Length of this formatted string depends on the number of columns accessed in the query and the length of the column names. If table has a large number of columns then it is possible to exceed the column length which leads to failure to write audit message to audit table.
Following is the proposed solution:
- Truncate messages that exceed the destination database column so that insertion of audit row does not fail.
- The length at which data value is truncated should be configurable. This helps for example, if the column size in the database is increased at a later date to capture more of audit data before it gets clipped.
- Also, it should be possible to suppress any truncation and restore the earlier behavior.
- Configuration should have sensible defaults in the code, too.
- Concrete consider the following example: For example, say, they have a problem with resource_path column exceeding the current database size of 2000. Then one would define the following property in the audit config file:
<property> <name>xasecure.audit.db.max.columnvalue.resource_path</name> <value>2000</value> </property>
This would clip the value of resource_path column so it does not exceed 2000. The last 3 characters of the column value should be “…” to indicate that message was clipped.
- User should be able to do this sort of a setting for any string column of the xa_access_audit table.
- Setting the value to a -ve number should prevent any truncation. If this property is absent then the column would be clipped at 2000 which is the default column size for this table.