Return-Path: X-Original-To: apmail-accumulo-notifications-archive@minotaur.apache.org Delivered-To: apmail-accumulo-notifications-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D8C7C1058C for ; Tue, 4 Jun 2013 20:29:21 +0000 (UTC) Received: (qmail 85239 invoked by uid 500); 4 Jun 2013 20:29:21 -0000 Delivered-To: apmail-accumulo-notifications-archive@accumulo.apache.org Received: (qmail 85200 invoked by uid 500); 4 Jun 2013 20:29:21 -0000 Mailing-List: contact notifications-help@accumulo.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: jira@apache.org Delivered-To: mailing list notifications@accumulo.apache.org Received: (qmail 85153 invoked by uid 99); 4 Jun 2013 20:29:21 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 04 Jun 2013 20:29:21 +0000 Date: Tue, 4 Jun 2013 20:29:21 +0000 (UTC) From: "ASF subversion and git services (JIRA)" To: notifications@accumulo.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (ACCUMULO-1070) Improve the auditing messages that are generated from the server. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/ACCUMULO-1070?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13675202#comment-13675202 ] ASF subversion and git services commented on ACCUMULO-1070: ----------------------------------------------------------- Commit 1489592 from ecn [ https://svn.apache.org/r1489592 ] ACCUMULO-1070 fixing rat check > Improve the auditing messages that are generated from the server. > ----------------------------------------------------------------- > > Key: ACCUMULO-1070 > URL: https://issues.apache.org/jira/browse/ACCUMULO-1070 > Project: Accumulo > Issue Type: Improvement > Components: master, tserver > Affects Versions: 1.4.2 > Reporter: Philip Young > Assignee: Philip Young > Labels: patch, security > Fix For: 1.6.0 > > Attachments: accumulo-1070-1.patch, accumulo-1070-2.patch, accumulo-1070-3.patch, accumulo-1070-4.patch > > Original Estimate: 168h > Remaining Estimate: 168h > > Auditing of all user interactions, including system administrators, is sometimes required by a companies so that they can retrospectively audit user interactions after a security breach. Currently, not all user operations on the Accumulo server are generating audit messages and if they are, not in a consistent manner. > The audit created in the AuditedSecurityOperations class are not currently creating consistent messages when an user passes the operation validation to when they fail the operation validation. > Also, the Scan operations are not being audited and it would be very useful to know who has run scans and what those scans were, by including: the principal user, the column families, the ranges, etc. > > I am intending to address both of these issues and submit a patch in the next week. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira