ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Abhay Kulkarni (JIRA)" <j...@apache.org>
Subject [jira] [Created] (RANGER-1169) If a component has no Ranger policies specified then audit record is not created even if Ranger configuration requires to audit all accesses for that component
Date Tue, 06 Sep 2016 21:11:20 GMT
Abhay Kulkarni created RANGER-1169:
--------------------------------------

             Summary: If a component has no Ranger policies specified then audit record is
not created even if Ranger configuration requires to audit all accesses for that component
                 Key: RANGER-1169
                 URL: https://issues.apache.org/jira/browse/RANGER-1169
             Project: Ranger
          Issue Type: Bug
          Components: plugins
    Affects Versions: 0.6.1
            Reporter: Abhay Kulkarni
            Assignee: Abhay Kulkarni
            Priority: Minor
             Fix For: 0.7.0


Ranger supports global auditing with the configuration parameters:
ranger.audit.global.mode, ranger.audit.servicedef.<service-type>.mode and ranger.audit.service.<service-name>.mode.
If these parameters' values indicate that the access to the component with that service-type
and service-name is always to be audited, and if there are no ranger-policies defined for
the component with that service-type and service-name in ranger-admin, then accesses to the
component do not generate audit records. The global audit flag should be honored irrespective
of existence of any ranger access policies.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message