accumulo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dylan Hutchison <dhutc...@mit.edu>
Subject Re: Log4j: Removing Audit messages
Date Mon, 16 Mar 2015 03:03:49 GMT
Thanks, changing generic_logger.xml worked like a charm!  I set Audit to
WARN.
~Dylan

On Sun, Mar 15, 2015 at 9:39 PM, Josh Elser <josh.elser@gmail.com> wrote:

> On the contrary, if you don't have a *.audit file, it's probably getting
> parsed as the audit file wasn't made.
>
> log4j.properties is only used for "client" applications -- not the server
> processes.
>
> Server processes configure their logging by first looking for a
> %s_logger.xml and then %s_logger.properties file where %s is the name of
> the process (e.g. tserver, gc).
>
> Generally, there should be the following in your generic_logger.xml:
>
> <logger name="Audit">
>   <level value="OFF"/>
> </logger>
>
> or in generic_logger.properties (if you remove *_logger.xml):
>
> log4j.logger.Audit=OFF
>
> These should probably be in the templates/examples that we provide. It
> doesn't appear that they presently are.
>
> Dylan Hutchison wrote:
>
>> Yes, here are the contents of conf/auditLog.xml:
>>
>>     <appender name="Audit"
>>     class="org.apache.log4j.DailyRollingFileAppender">
>>     <param name="File"
>>     value="${org.apache.accumulo.core.dir.log}/${org.apache.
>> accumulo.core.ip.localhost.hostname}.audit"/>
>>     <param name="MaxBackupIndex" value="10"/>
>>     <param name="DatePattern" value="'.'yyyy-MM-dd"/>
>>     <layout class="org.apache.log4j.PatternLayout">
>>     <param name="ConversionPattern" value="%d{yyyy-MM-dd HH:mm:ss,SSS/Z}
>>     [%c{2}] %-5p: %m%n"/>
>>     </layout>
>>     </appender>
>>     <logger name="Audit"  additivity="false">
>>     <appender-ref ref="Audit" />
>>     <level value="*OFF*"/>
>>     </logger>
>>
>>
>> I don't think this file is parsed because if the level were truly OFF,
>> then I wouldn't see any audit messages.
>>
>> On Sun, Mar 15, 2015 at 9:03 PM, Billie Rinaldi
>> <billie.rinaldi@gmail.com <mailto:billie.rinaldi@gmail.com>> wrote:
>>
>>     Do you have an auditLog.xml?
>>
>>     On Mar 15, 2015 8:58 PM, "Dylan Hutchison" <dhutchis@mit.edu
>>     <mailto:dhutchis@mit.edu>> wrote:
>>
>>         Hi there,
>>
>>         I'd like to stop appending INFO-level AUDIT log messages to the
>>         regular and debug tserver log files. Here is an example log:
>>
>>             2015-03-15 20:39:26,970 [Audit   ] INFO : operation:
>>             permitted; user: root; client: 127.0.0.1:41256
>>             <http://127.0.0.1:41256>;
>>
>>
>>         I'm confused how log4j is setup (see ACCUMULO-3546
>>         <https://issues.apache.org/jira/browse/ACCUMULO-3546>).  I tried
>>         appending variants of
>>
>>             log4j.logger.Audit=WARN
>>
>>
>>         to $ACCUMULO_HOME/conf/log4j.properties, but no luck.  There is
>>         also the generic_logger.xml and generic_logger.properties.
>>
>>         This line of code
>>         from org.apache.accumulo.server.security.AuditedSecurityOperation
>> is
>>         relevant:
>>
>>
>>             public static final String AUDITLOG = "Audit";
>>             public static final Logger audit = Logger.getLogger(AUDITLOG);
>>
>>
>>         I want to stop this logger.
>>
>>         Regards,
>>         Dylan Hutchison
>>
>>
>>

Mime
View raw message