Return-Path: X-Original-To: apmail-hbase-issues-archive@www.apache.org Delivered-To: apmail-hbase-issues-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 967D4E24F for ; Wed, 19 Dec 2012 08:59:14 +0000 (UTC) Received: (qmail 70451 invoked by uid 500); 19 Dec 2012 08:59:14 -0000 Delivered-To: apmail-hbase-issues-archive@hbase.apache.org Received: (qmail 70315 invoked by uid 500); 19 Dec 2012 08:59:14 -0000 Mailing-List: contact issues-help@hbase.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list issues@hbase.apache.org Received: (qmail 70301 invoked by uid 99); 19 Dec 2012 08:59:13 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 19 Dec 2012 08:59:13 +0000 Date: Wed, 19 Dec 2012 08:59:13 +0000 (UTC) From: "Hudson (JIRA)" To: issues@hbase.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (HBASE-6585) Audit log messages should contain info about the higher level operation being executed MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HBASE-6585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13535790#comment-13535790 ] Hudson commented on HBASE-6585: ------------------------------- Integrated in HBase-TRUNK #3638 (See [https://builds.apache.org/job/HBase-TRUNK/3638/]) HBASE-6585 Audit log messages should contain info about the higher level operation being executed (Revision 1423775) Result = FAILURE stack : Files : * /hbase/trunk/conf/log4j.properties * /hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java > Audit log messages should contain info about the higher level operation being executed > -------------------------------------------------------------------------------------- > > Key: HBASE-6585 > URL: https://issues.apache.org/jira/browse/HBASE-6585 > Project: HBase > Issue Type: Improvement > Components: security > Affects Versions: 0.96.0 > Reporter: Marcelo Vanzin > Assignee: Matteo Bertozzi > Priority: Minor > Labels: acl > Fix For: 0.96.0, 0.94.4 > > Attachments: HBASE-6585-v0.patch, HBASE-6585-v1.patch, HBASE-6585-v2.patch, HBASE-6885-0.94.patch > > > Currently, audit log messages contains the "action" for which access was checked; this is one of READ, WRITE, CREATE or ADMIN. > These give very little information to the person digging into the logs about what was done, though. You can't ask "who deleted rows from table x?", because "delete" is translated to a "WRITE" action. > It would be nice if the audit logs contained the higher-level operation, either replacing or in addition to the RWCA information. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira