hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kihwal Lee (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-10776) Revisit Hdfs Audit Logging
Date Thu, 18 Aug 2016 18:22:20 GMT

    [ https://issues.apache.org/jira/browse/HDFS-10776?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15426946#comment-15426946

Kihwal Lee commented on HDFS-10776:

bq.1) What is the correct way of doing the hdfs audit logging?

is the audit logging policy that was agreed up on in HDFS-9395.  The key opinion that led
to the agreement was probably the statement from [~daryn]:
... The audit log should be a record of successful or unauthorized access to data - not a
debug record of every attempted operation. The reduced SNR of already monstrous logs and the
performance penalty (it's already extremely high) of logging unsuccessful operations generated
by polling, globbing, file not found, rename targets existing, etc is of no value to me.

Please share your thoughts on this.

> Revisit Hdfs Audit Logging
> --------------------------
>                 Key: HDFS-10776
>                 URL: https://issues.apache.org/jira/browse/HDFS-10776
>             Project: Hadoop HDFS
>          Issue Type: Bug
>    Affects Versions: 2.7.2
>            Reporter: Kuhu Shukla
>            Assignee: Kuhu Shukla
> HDFS audit logging is considered critical in many scenarios, but it hasn't been always
implemented consistently, especially for new features. As we have seen in HDFS-9395 and the
2.7.3 release discussions in the mailing list, even bug fixes are tricky since some users
may get greatly impacted by the resulting incompatibility. The goal of this jira is to clarify
what the hdfs audit logging should do and discuss potential approaches that will allows us
to move forward.
> 1) What is the correct way of doing the hdfs audit logging? This was discussed in HDFS-9395,
but needs to be revisited as there were discussions on the fix being made with wrong assumptions. What
needs to be fixed, if HDFS-9395 is incorrect or incomplete?
> 2) What if a single standard cannot satisfy everyone? Do we need to make the audit logging
more flexible and configurable?
> 3) What is the best way of introducing future bug fixes to the hdfs audit logging that
change the output?  Some may not want a fix, while others may consider it critical and
want it asap.
> CC:[~aw]

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: hdfs-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-help@hadoop.apache.org

View raw message