accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rob Tallis (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (ACCUMULO-1070) Improve the auditing messages that are generated from the server.
Date Wed, 29 May 2013 04:53:21 GMT

     [ https://issues.apache.org/jira/browse/ACCUMULO-1070?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Rob Tallis updated ACCUMULO-1070:
---------------------------------

    Attachment: accumulo-1070-4.patch

I've moved the template strings next to the relevant method call, this is patch number 4.
(the patch is not dependent on the other patch files and should apply everything to the current
trunk). 
The only reason they ended up at the top is because that's where the intelliJ refactoring
put them.

If you're happy with the patch could you commit it please. I've more work to do (see previous
comment) but I probably won't get around to it for a few weeks.
                
> Improve the auditing messages that are generated from the server.
> -----------------------------------------------------------------
>
>                 Key: ACCUMULO-1070
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-1070
>             Project: Accumulo
>          Issue Type: Improvement
>          Components: master, tserver
>    Affects Versions: 1.4.2
>            Reporter: Philip Young
>            Assignee: Philip Young
>              Labels: patch, security
>             Fix For: 1.6.0
>
>         Attachments: accumulo-1070-1.patch, accumulo-1070-2.patch, accumulo-1070-3.patch,
accumulo-1070-4.patch
>
>   Original Estimate: 168h
>  Remaining Estimate: 168h
>
> Auditing of all user interactions, including system administrators, is sometimes required
by a companies so that they can retrospectively audit user interactions after a security breach.
Currently, not all user operations on the Accumulo server are generating audit messages and
if they are, not in a consistent manner. 
> The audit created in the AuditedSecurityOperations class are not currently creating consistent
messages when an user passes the operation validation to when they fail the operation validation.
> Also, the Scan operations are not being audited and it would be very useful to know who
has run scans and what those scans were, by including: the principal user, the column families,
the ranges, etc.
>  
> I am intending to address both of these issues and submit a patch in the next week.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message