ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gautam Borad <gbo...@gmail.com>
Subject Review Request 42601: RANGER-798 - Approach 1 : Handle different timezone issue while saving audit logs to Solr
Date Wed, 27 Jan 2016 04:21:14 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/42601/
-----------------------------------------------------------

Review request for ranger, Alok Lal, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, Ramesh
Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.


Bugs: RANGER-798
    https://issues.apache.org/jira/browse/RANGER-798


Repository: ranger


Description
-------

**Problem Statement**:
The current implementation of “auditEvent.getEventTime()” contains time in UTC and since
it's a date object it will contain component machine's local timezone. When Solr receives
this date object and timezone, it tries to convert it from given timezone to UTC timestamp,
which leads to double conversion of actual time before it get stored in Solr.

**Proposed Solution**:
If we can provide server local time and timezone to Solr then Solr will convert the received
time from given timezone to UTC.
As an alternate solution, replaced getUTCDate() with new Date() object at various places for
audit event time, all audit destination will  receive local Date object, for Solr there will
be no conversion on received Date object but for all other audit destination we need to convert
the received Date value to UTC timestamp as audit logs are being stored in UTC timestamp for
all service/component. If all destination thread are enabled then changing the received event
object may create issue in other audit destination as same event object is refferred everywhere.
Hence received event object attributes value are being copied in another local event object
and the updated event time can be stored there, after this local event object will be used
to convert that in JSON to write in HDFS, or can be persisted in DB.


Diffs
-----

  agents-audit/src/main/java/org/apache/ranger/audit/destination/DBAuditDestination.java 376e724

  agents-audit/src/main/java/org/apache/ranger/audit/destination/FileAuditDestination.java
c6cd8b2 
  agents-audit/src/main/java/org/apache/ranger/audit/destination/HDFSAuditDestination.java
96755be 
  agents-audit/src/main/java/org/apache/ranger/audit/destination/Log4JAuditDestination.java
9521a4a 
  agents-audit/src/main/java/org/apache/ranger/audit/model/AuditEventBase.java 2a07e94 
  agents-audit/src/main/java/org/apache/ranger/audit/provider/BaseAuditHandler.java 6717c92

  agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java 9586f73 
  agents-common/src/main/java/org/apache/ranger/authorization/utils/StringUtil.java f6f3d2d

  agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
fe50ca6 
  hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
8762bf5 
  hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
5125af7 
  hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAccessRequest.java
2ae4149 
  hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java
0f13577 
  plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
bb6a337 
  plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java
04b8b91 
  plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
a8ecf15 
  plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java
ab9b7a9 

Diff: https://reviews.apache.org/r/42601/diff/


Testing
-------

Steps performed(after patch) :
1) Changed plugin system time zone to IST and restarted all components.
2) Initiated an HDFS audit event.
3) Checked event time of newly created audit log in Solr, Audit log event time was matching
with UTC.
4) Checked event time in Ranger UI, newly generated Audit event is matching with current time.
5) Checked event time of newly created audit log in xa_access_audit table, Audit log event
time was matching with UTC.
6) Checked event time of newly created audit log in HDFS logs, Audit log event time was matching
with UTC.

Note: Will test other services audit logs after this approach is reviewed.


Thanks,

Gautam Borad


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message