hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Suresh Srinivas (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-3680) Allows customized audit logging in HDFS FSNamesystem
Date Tue, 02 Oct 2012 19:13:08 GMT

    [ https://issues.apache.org/jira/browse/HDFS-3680?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13467983#comment-13467983
] 

Suresh Srinivas commented on HDFS-3680:
---------------------------------------

Comments:
# The patch needs to document the newly added parameter. The document should include how to
set it up, the expectation from the audit log implementation and the impact of this configuration
when things do not work correctly.
# dfs.namenode.access.logger should be dfs.namenode.audit.logger
# TestAuditLogger - add javadoc and @link to the functionality being tested
# Minor - there is a mention of FSAccessLogger in DefaultAuditLogger javadoc
# what is the reason symlink is being done in logAuditEvent? Why is it a part of this jira?
# How does one add DefaultAuditLogger with a custom audit loggers? How does isAuditEnabled()
method work if you add an ability to setup DefaultAuditLogger?
# java.security.principal unnecessary import in FSNamesystem.java
# FSNamesystem#auditLog should be moved to DefaultAuditLogger. Also why is auditLog used for
logging in method getFileInfo and mkdirs still? Why not new auditloggers used for that?
# Should AuditLogger#logAuditEvent consider throwing IOException to indicate error?
# Sorry I have not caught up all the comments - what is the final decision on how to handle
logger errors? Currently the client gets an exception when logAuditEvent fails. That does
not seem to be correct.


                
> Allows customized audit logging in HDFS FSNamesystem
> ----------------------------------------------------
>
>                 Key: HDFS-3680
>                 URL: https://issues.apache.org/jira/browse/HDFS-3680
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>          Components: name-node
>    Affects Versions: 2.0.0-alpha
>            Reporter: Marcelo Vanzin
>            Assignee: Marcelo Vanzin
>            Priority: Minor
>         Attachments: accesslogger-v1.patch, accesslogger-v2.patch, hdfs-3680-v3.patch,
hdfs-3680-v4.patch, hdfs-3680-v5.patch, hdfs-3680-v6.patch, hdfs-3680-v7.patch
>
>
> Currently, FSNamesystem writes audit logs to a logger; that makes it easy to get audit
logs in some log file. But it makes it kinda tricky to store audit logs in any other way (let's
say a database), because it would require the code to implement a log appender (and thus know
what logging system is actually being used underneath the fa├žade), and parse the textual
log message generated by FSNamesystem.
> I'm attaching a patch that introduces a cleaner interface for this use case.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message