ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bhavik patel <bhavikpatel...@gmail.com>
Subject Re: Review Request 72701: RANGER-2917: Avoid recursive audit log in ES Plugin by user elasticsearch when plugin is enabled for ranger_audits index
Date Fri, 24 Jul 2020 04:58:05 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72701/#review221347
-----------------------------------------------------------


Ship it!




Ship It!

- bhavik patel


On July 22, 2020, 11:13 a.m., Pradeep Agrawal wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72701/
> -----------------------------------------------------------
> 
> (Updated July 22, 2020, 11:13 a.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-2917
>     https://issues.apache.org/jira/browse/RANGER-2917
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> **Problem Statement:** When Elasticsearch Plugin in enabled in the index "ranger_audits"
( ranger's audit log index), there will be recursive audit log getting generated for audits
logs that are getting in this collection.
> 
> 
> **Proposed Solution:** [Solution is inspired from RANGER-2564 which has similar implementation
for solr]
> 
> 1) Avoid recursive audit log done by service user "elasticsearch" in the ranger_audit
index.
> 
> 2) Introduce a optional configuration parameter to add service users to exclude from
audit log for "ranger_audit" index. This is in case if customer users are used as service
user in Elasticsearch process.
> 
> 
> Diffs
> -----
> 
>   plugin-elasticsearch/src/main/java/org/apache/ranger/authorization/elasticsearch/authorizer/RangerElasticsearchAuditHandler.java
PRE-CREATION 
>   plugin-elasticsearch/src/main/java/org/apache/ranger/authorization/elasticsearch/authorizer/RangerElasticsearchAuthorizer.java
e72a15858 
> 
> 
> Diff: https://reviews.apache.org/r/72701/diff/1/
> 
> 
> Testing
> -------
> 
> Testing done enabling the Elastic search Plugin in ranger_audits index.
> 
> 
> Thanks,
> 
> Pradeep Agrawal
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message