Index: hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/NMAuditLogger.java =================================================================== --- hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/NMAuditLogger.java (revision 1610627) +++ hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/NMAuditLogger.java (working copy) @@ -36,6 +36,65 @@ static enum Keys {USER, OPERATION, TARGET, RESULT, IP, DESCRIPTION, APPID, CONTAINERID} + + /** + * + * Prints audit log based on log level specified + * + */ + public static enum LogLevel { + WARN { + @Override + public void printLog(Object logMsg) { + if(LOG.isWarnEnabled()) { + LOG.warn(logMsg); + } + } + }, + ERROR { + @Override + public void printLog(Object logMsg) { + if(LOG.isErrorEnabled()) { + LOG.error(logMsg); + } + } + }, + FATAL { + @Override + public void printLog(Object logMsg) { + if(LOG.isFatalEnabled()) { + LOG.fatal(logMsg); + } + } + }, + DEBUG { + @Override + public void printLog(Object logMsg) { + if(LOG.isDebugEnabled()) { + LOG.debug(logMsg); + } + } + }, + TRACE { + @Override + public void printLog(Object logMsg) { + if(LOG.isTraceEnabled()) { + LOG.trace(logMsg); + } + } + }, + INFO { + @Override + public void printLog(Object logMsg) { + if(LOG.isInfoEnabled()) { + LOG.info(logMsg); + } + } + }; + public abstract void printLog(Object logMsg); + } + + public static class AuditConstants { static final String SUCCESS = "SUCCESS"; static final String FAILURE = "FAILURE"; @@ -93,6 +152,25 @@ /** * Create a readable and parseable audit log string for a successful event. * + * @param level Log level of the audit log. + * @param user User who made the service request. + * @param operation Operation requested by the user + * @param target The target on which the operation is being performed. + * @param appId Application Id in which operation was performed. + * @param containerId Container Id in which operation was performed. + * + *

+ * Note that the {@link NMAuditLogger} uses tabs ('\t') as a key-val delimiter + * and hence the value fields should not contains tabs ('\t'). + */ + public static void logSuccess(LogLevel level, String user, String operation, + String target, ApplicationId appId, ContainerId containerId) { + level.printLog(createSuccessLog(user, operation, target, appId, containerId)); + } + + /** + * Create a readable and parseable audit log string for a successful event. + * * @param user User who made the service request. * @param operation Operation requested by the user * @param target The target on which the operation is being performed. @@ -108,6 +186,23 @@ } /** + * Create a readable and parseable audit log string for a successful event. + * + * @param level Log level of the audit log. + * @param user User who made the service request. + * @param operation Operation requested by the user + * @param target The target on which the operation is being performed. + * + *

+ * Note that the {@link NMAuditLogger} uses tabs ('\t') as a key-val delimiter + * and hence the value fields should not contains tabs ('\t'). + */ + public static void logSuccess(LogLevel level, String user, String operation, + String target) { + level.printLog(createSuccessLog(user, operation, target, null, null)); + } + + /** * A helper api for creating an audit log for a failure event. * This is factored out for testing purpose. */ @@ -154,16 +249,39 @@ /** * Create a readable and parseable audit log string for a failed event. * - * @param user User who made the service request. + * @param level Log level of the audit log. + * @param user User who made the service request. * @param operation Operation requested by the user. - * @param target The target on which the operation is being performed. + * @param target The target on which the operation is being performed. * @param description Some additional information as to why the operation * failed. + * @param appId ApplicationId in which operation was performed. + * @param containerId Container Id in which operation was performed. * *

* Note that the {@link NMAuditLogger} uses tabs ('\t') as a key-val delimiter * and hence the value fields should not contains tabs ('\t'). */ + public static void logFailure(LogLevel level, String user, String operation, + String target, String description, ApplicationId appId, + ContainerId containerId) { + level.printLog(createFailureLog(user, operation, target, description, + appId, containerId)); + } + + /** + * Create a readable and parseable audit log string for a failed event. + * + * @param user User who made the service request. + * @param operation Operation requested by the user. + * @param target The target on which the operation is being performed. + * @param description Some additional information as to why the operation + * failed. + * + *

+ * Note that the {@link NMAuditLogger} uses tabs ('\t') as a key-val delimiter + * and hence the value fields should not contains tabs ('\t'). + */ public static void logFailure(String user, String operation, String target, String description) { if (LOG.isWarnEnabled()) { @@ -172,6 +290,25 @@ } /** + * Create a readable and parseable audit log string for a failed event. + * + * @param level Log level of the audit log. + * @param user User who made the service request. + * @param operation Operation requested by the user. + * @param target The target on which the operation is being performed. + * @param description Some additional information as to why the operation + * failed. + * + *

+ * Note that the {@link NMAuditLogger} uses tabs ('\t') as a key-val delimiter + * and hence the value fields should not contains tabs ('\t'). + */ + public static void logFailure(LogLevel level, String user, String operation, + String target, String description) { + level.printLog(createFailureLog(user, operation, target, description, null, null)); + } + + /** * A helper api to add remote IP address */ static void addRemoteIP(StringBuilder b) { Index: hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/RMAuditLogger.java =================================================================== --- hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/RMAuditLogger.java (revision 1610627) +++ hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/RMAuditLogger.java (working copy) @@ -37,6 +37,65 @@ static enum Keys {USER, OPERATION, TARGET, RESULT, IP, PERMISSIONS, DESCRIPTION, APPID, APPATTEMPTID, CONTAINERID} + + /** + * + * Prints audit log based on log level specified + * + */ + public static enum LogLevel { + WARN { + @Override + public void printLog(Object logMsg) { + if(LOG.isWarnEnabled()) { + LOG.warn(logMsg); + } + } + }, + ERROR { + @Override + public void printLog(Object logMsg) { + if(LOG.isErrorEnabled()) { + LOG.error(logMsg); + } + } + }, + FATAL { + @Override + public void printLog(Object logMsg) { + if(LOG.isFatalEnabled()) { + LOG.fatal(logMsg); + } + } + }, + DEBUG { + @Override + public void printLog(Object logMsg) { + if(LOG.isDebugEnabled()) { + LOG.debug(logMsg); + } + } + }, + TRACE { + @Override + public void printLog(Object logMsg) { + if(LOG.isTraceEnabled()) { + LOG.trace(logMsg); + } + } + }, + INFO { + @Override + public void printLog(Object logMsg) { + if(LOG.isInfoEnabled()) { + LOG.info(logMsg); + } + } + }; + public abstract void printLog(Object logMsg); + } + + public static class AuditConstants { static final String SUCCESS = "SUCCESS"; static final String FAILURE = "FAILURE"; @@ -101,6 +160,26 @@ containerId)); } } + + /** + * Create a readable and parseable audit log string for a successful event. + * + * @param level Log level at which audit log will be printed. + * @param user User who made the service request to the ResourceManager + * @param operation Operation requested by the user. + * @param target The target on which the operation is being performed. + * @param appId Application Id in which operation was performed. + * @param containerId Container Id in which operation was performed. + * + *

+ * Note that the {@link RMAuditLogger} uses tabs ('\t') as a key-val delimiter + * and hence the value fields should not contains tabs ('\t'). + */ + public static void logSuccess(LogLevel level, String user, String operation, + String target, ApplicationId appId, ContainerId containerId) { + level.printLog(createSuccessLog(user, operation, target, appId, null, + containerId)); + } /** * Create a readable and parseable audit log string for a successful event. @@ -122,8 +201,29 @@ null)); } } + + /** + * Create a readable and parseable audit log string for a successful event. + * + * @param level Log level at which audit log will be printed. + * @param user User who made the service request to the ResourceManager. + * @param operation Operation requested by the user. + * @param target The target on which the operation is being performed. + * @param appId Application Id in which operation was performed. + * @param attemptId Application Attempt Id in which operation was performed. + * + *

+ * Note that the {@link RMAuditLogger} uses tabs ('\t') as a key-val delimiter + * and hence the value fields should not contains tabs ('\t'). + */ + public static void logSuccess(LogLevel level, String user, String operation, + String target, ApplicationId appId, ApplicationAttemptId attemptId) { + level.printLog(createSuccessLog(user, operation, target, appId, + attemptId, null)); + } + /** * Create a readable and parseable audit log string for a successful event. * @@ -142,6 +242,25 @@ LOG.info(createSuccessLog(user, operation, target, appId, null, null)); } } + + /** + * Create a readable and parseable audit log string for a successful event. + * + * @param level Log level at which audit log will be printed. + * @param user User who made the service request to the ResourceManager. + * @param operation Operation requested by the user. + * @param target The target on which the operation is being performed. + * @param appId Application Id in which operation was performed. + * + *

+ * Note that the {@link RMAuditLogger} uses tabs ('\t') as a key-val delimiter + * and hence the value fields should not contains tabs ('\t'). + */ + public static void logSuccess(LogLevel level, String user, String operation, String target, + ApplicationId appId) { + level.printLog(createSuccessLog(user, operation, target, appId, null, + null)); + } /** * Create a readable and parseable audit log string for a successful event. @@ -159,6 +278,22 @@ LOG.info(createSuccessLog(user, operation, target, null, null, null)); } } + + /** + * Create a readable and parseable audit log string for a successful event. + * + * @param level Log level at which audit log will be printed. + * @param user User who made the service request. + * @param operation Operation requested by the user. + * @param target The target on which the operation is being performed. + * + *

+ * Note that the {@link RMAuditLogger} uses tabs ('\t') as a key-val delimiter + * and hence the value fields should not contains tabs ('\t'). + */ + public static void logSuccess(LogLevel level, String user, String operation, String target) { + level.printLog(createSuccessLog(user, operation, target, null, null, null)); + } /** * A helper api for creating an audit log for a failure event. @@ -210,6 +345,30 @@ appId, null, containerId)); } } + + /** + * Create a readable and parseable audit log string for a failed event. + * + * @param level Log level at which audit log will be printed. + * @param user User who made the service request. + * @param operation Operation requested by the user. + * @param perm Target permissions. + * @param target The target on which the operation is being performed. + * @param description Some additional information as to why the operation + * failed. + * @param appId Application Id in which operation was performed. + * @param containerId Container Id in which operation was performed. + * + *

+ * Note that the {@link RMAuditLogger} uses tabs ('\t') as a key-val delimiter + * and hence the value fields should not contains tabs ('\t'). + */ + public static void logFailure(LogLevel level, String user, String operation, + String perm, String target, String description, ApplicationId appId, + ContainerId containerId) { + level.printLog(createFailureLog(user, operation, perm, target, description, + appId, null, containerId)); + } /** * Create a readable and parseable audit log string for a failed event. @@ -234,6 +393,29 @@ appId, attemptId, null)); } } + + /** + * Create a readable and parseable audit log string for a failed event. + * + * @param level Log level at which audit log will be printed. + * @param user User who made the service request. + * @param operation Operation requested by the user. + * @param perm Target permissions. + * @param target The target on which the operation is being performed. + * @param description Some additional information as to why the operation + * failed. + * @param appId ApplicationId in which operation was performed. + * + *

+ * Note that the {@link RMAuditLogger} uses tabs ('\t') as a key-val delimiter + * and hence the value fields should not contains tabs ('\t'). + */ + public static void logFailure(LogLevel level, String user, String operation, + String perm, String target, String description, ApplicationId appId, + ApplicationAttemptId attemptId) { + level.printLog(createFailureLog(user, operation, perm, target, description, + appId, attemptId, null)); + } /** @@ -258,6 +440,28 @@ appId, null, null)); } } + + /** + * Create a readable and parseable audit log string for a failed event. + * + * @param level Log level at which audit log will be printed. + * @param user User who made the service request. + * @param operation Operation requested by the user. + * @param perm Target permissions. + * @param target The target on which the operation is being performed. + * @param description Some additional information as to why the operation + * failed. + * @param appId ApplicationId in which operation was performed. + * + *

+ * Note that the {@link RMAuditLogger} uses tabs ('\t') as a key-val delimiter + * and hence the value fields should not contains tabs ('\t'). + */ + public static void logFailure(LogLevel level, String user, String operation, + String perm, String target, String description, ApplicationId appId) { + level.printLog(createFailureLog(user, operation, perm, target, description, + appId, null, null)); + } /** * Create a readable and parseable audit log string for a failed event. @@ -280,6 +484,27 @@ null, null, null)); } } + + /** + * Create a readable and parseable audit log string for a failed event. + * + * @param level Log level at which audit log will be printed. + * @param user User who made the service request. + * @param operation Operation requested by the user. + * @param perm Target permissions. + * @param target The target on which the operation is being performed. + * @param description Some additional information as to why the operation + * failed. + * + *

+ * Note that the {@link RMAuditLogger} uses tabs ('\t') as a key-val delimiter + * and hence the value fields should not contains tabs ('\t'). + */ + public static void logFailure(LogLevel level, String user, String operation, + String perm, String target, String description) { + level.printLog(createFailureLog(user, operation, perm, target, description, + null, null, null)); + } /** * A helper api to add remote IP address