accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric Newton (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ACCUMULO-1070) Improve the auditing messages that are generated from the server.
Date Wed, 22 May 2013 17:39:29 GMT

    [ https://issues.apache.org/jira/browse/ACCUMULO-1070?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13664308#comment-13664308
] 

Eric Newton commented on ACCUMULO-1070:
---------------------------------------

Rob, is there a reason why you pulled all the printf constants to one place?  That's not typical
for the rest of the codebase, and it's nice to see the template next to point where it is
expanded.  Otherwise, it looks good.
                
> Improve the auditing messages that are generated from the server.
> -----------------------------------------------------------------
>
>                 Key: ACCUMULO-1070
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-1070
>             Project: Accumulo
>          Issue Type: Improvement
>          Components: master, tserver
>    Affects Versions: 1.4.2
>            Reporter: Philip Young
>            Assignee: Philip Young
>              Labels: patch, security
>             Fix For: 1.6.0
>
>         Attachments: accumulo-1070-1.patch, accumulo-1070-2.patch, accumulo-1070-3.patch
>
>   Original Estimate: 168h
>  Remaining Estimate: 168h
>
> Auditing of all user interactions, including system administrators, is sometimes required
by a companies so that they can retrospectively audit user interactions after a security breach.
Currently, not all user operations on the Accumulo server are generating audit messages and
if they are, not in a consistent manner. 
> The audit created in the AuditedSecurityOperations class are not currently creating consistent
messages when an user passes the operation validation to when they fail the operation validation.
> Also, the Scan operations are not being audited and it would be very useful to know who
has run scans and what those scans were, by including: the principal user, the column families,
the ranges, etc.
>  
> I am intending to address both of these issues and submit a patch in the next week.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message