ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mad...@apache.org
Subject [1/2] incubator-argus git commit: ARGUS-163: updated default value of properties in install.properties - updated HDFS audit logger to call hflush() immediately after moving a local file from local
Date Fri, 07 Nov 2014 02:37:58 GMT
Repository: incubator-argus
Updated Branches:
  refs/heads/master 666f96775 -> d9bb3f258


ARGUS-163: updated default value of properties in install.properties
- updated HDFS audit logger to call hflush() immediately after moving a
local file from local

Project: http://git-wip-us.apache.org/repos/asf/incubator-argus/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-argus/commit/44722c61
Tree: http://git-wip-us.apache.org/repos/asf/incubator-argus/tree/44722c61
Diff: http://git-wip-us.apache.org/repos/asf/incubator-argus/diff/44722c61

Branch: refs/heads/master
Commit: 44722c6106c27b4a78a0f5c21aefc9961e1919ef
Parents: 666f967
Author: Madhan Neethiraj <madhan@apache.org>
Authored: Thu Nov 6 18:01:28 2014 -0800
Committer: Madhan Neethiraj <madhan@apache.org>
Committed: Thu Nov 6 18:01:28 2014 -0800

----------------------------------------------------------------------
 .../audit/provider/BufferedAuditProvider.java   |   2 +-
 .../audit/provider/LocalFileLogBuffer.java      |   1 +
 .../xasecure/audit/provider/LogDestination.java |   2 +
 .../com/xasecure/audit/provider/MiscUtil.java   |   4 +-
 .../audit/provider/hdfs/HdfsLogDestination.java |  55 +++++++--
 hbase-agent/conf/xasecure-audit.xml             | 110 +++++++++---------
 hbase-agent/scripts/install.properties          |  88 ++++++++-------
 hdfs-agent/conf/xasecure-audit.xml              |  14 +--
 hdfs-agent/scripts/install.properties           |  87 +++++++-------
 hive-agent/conf/xasecure-audit.xml              | 112 +++++++++----------
 hive-agent/scripts/install.properties           |  89 ++++++++-------
 knox-agent/conf/xasecure-audit.xml              | 105 ++++++++---------
 knox-agent/scripts/install.properties           |  85 +++++++-------
 security-admin/scripts/install.properties       |   2 +-
 storm-agent/conf/xasecure-audit.xml             | 111 +++++++++---------
 storm-agent/scripts/install.properties          |  85 +++++++-------
 16 files changed, 506 insertions(+), 446 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/agents-audit/src/main/java/com/xasecure/audit/provider/BufferedAuditProvider.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/com/xasecure/audit/provider/BufferedAuditProvider.java b/agents-audit/src/main/java/com/xasecure/audit/provider/BufferedAuditProvider.java
index 990a446..94b853c 100644
--- a/agents-audit/src/main/java/com/xasecure/audit/provider/BufferedAuditProvider.java
+++ b/agents-audit/src/main/java/com/xasecure/audit/provider/BufferedAuditProvider.java
@@ -37,7 +37,7 @@ public abstract class BufferedAuditProvider extends BaseAuditProvider {
 		}
 
 		if(event.getLogType() == null) {
-			event.setLogType("ArgusAudit");
+			event.setLogType("RangerAudit");
 		}
 
 		if(event.getEventId() == null) {

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/agents-audit/src/main/java/com/xasecure/audit/provider/LocalFileLogBuffer.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/com/xasecure/audit/provider/LocalFileLogBuffer.java b/agents-audit/src/main/java/com/xasecure/audit/provider/LocalFileLogBuffer.java
index b60b791..b96d555 100644
--- a/agents-audit/src/main/java/com/xasecure/audit/provider/LocalFileLogBuffer.java
+++ b/agents-audit/src/main/java/com/xasecure/audit/provider/LocalFileLogBuffer.java
@@ -515,6 +515,7 @@ class DestinationDispatcherThread<T> extends Thread {
 		closeCurrentFile();
 
 		if(!mStopThread) {
+			mDestination.flush();
 			archiveCurrentFile();
 		}
 

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/agents-audit/src/main/java/com/xasecure/audit/provider/LogDestination.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/com/xasecure/audit/provider/LogDestination.java b/agents-audit/src/main/java/com/xasecure/audit/provider/LogDestination.java
index a8b5081..18c740e 100644
--- a/agents-audit/src/main/java/com/xasecure/audit/provider/LogDestination.java
+++ b/agents-audit/src/main/java/com/xasecure/audit/provider/LogDestination.java
@@ -29,4 +29,6 @@ public interface LogDestination<T> {
 	public boolean send(T log);
 
 	public boolean sendStringified(String log);
+
+	public boolean flush();
 }

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/agents-audit/src/main/java/com/xasecure/audit/provider/MiscUtil.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/com/xasecure/audit/provider/MiscUtil.java b/agents-audit/src/main/java/com/xasecure/audit/provider/MiscUtil.java
index 50f154f..54341dd 100644
--- a/agents-audit/src/main/java/com/xasecure/audit/provider/MiscUtil.java
+++ b/agents-audit/src/main/java/com/xasecure/audit/provider/MiscUtil.java
@@ -184,7 +184,9 @@ public class MiscUtil {
 				File parentDir = new File(parentName);
 
 				if(!parentDir.exists()) {
-					parentDir.mkdirs();
+					if(! parentDir.mkdirs()) {
+						LogLog.warn("createParents(): failed to create " + parentDir.getAbsolutePath());
+					}
 				}
 			}
 		}

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/agents-audit/src/main/java/com/xasecure/audit/provider/hdfs/HdfsLogDestination.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/com/xasecure/audit/provider/hdfs/HdfsLogDestination.java b/agents-audit/src/main/java/com/xasecure/audit/provider/hdfs/HdfsLogDestination.java
index b3a103e..f81f526 100644
--- a/agents-audit/src/main/java/com/xasecure/audit/provider/hdfs/HdfsLogDestination.java
+++ b/agents-audit/src/main/java/com/xasecure/audit/provider/hdfs/HdfsLogDestination.java
@@ -46,6 +46,7 @@ public class HdfsLogDestination<T> implements LogDestination<T> {
 	private int     mOpenRetryIntervalSeconds = 60;
 	private DebugTracer mLogger               = null;
 
+	private FSDataOutputStream mFsDataOutStream    = null;
 	private OutputStreamWriter mWriter             = null; 
 	private String             mHdfsFilename       = null;
 	private long               mNextRolloverTime   = 0;
@@ -168,6 +169,45 @@ public class HdfsLogDestination<T> implements LogDestination<T> {
 		return ret;
 	}
 
+	@Override
+	public boolean flush() {
+		mLogger.debug("==> HdfsLogDestination.flush()");
+
+		boolean ret = false;
+
+		OutputStreamWriter writer  = mWriter;
+
+		if(writer != null) {
+			try {
+				writer.flush();
+				
+				ret = true;
+			} catch (IOException excp) {
+				logException("HdfsLogDestination: flush() failed", excp);
+			}
+		}
+
+		FSDataOutputStream ostream = mFsDataOutStream;
+
+		if(ostream != null) {
+			try {
+				ostream.hflush();
+
+				ret = true;
+			} catch (IOException excp) {
+				logException("HdfsLogDestination: hflush() failed", excp);
+			}
+		}
+
+		if(ret) {
+			mNextFlushTime = System.currentTimeMillis() + (mFlushIntervalSeconds * 1000L);
+		}
+
+		mLogger.debug("<== HdfsLogDestination.flush()");
+
+		return ret;
+	}
+
 	private void openFile() {
 		mLogger.debug("==> HdfsLogDestination.openFile()");
 
@@ -243,6 +283,7 @@ public class HdfsLogDestination<T> implements LogDestination<T> {
 		if(mWriter != null) {
 			mLogger.debug("HdfsLogDestination.openFile(): opened file " + mHdfsFilename);
 
+			mFsDataOutStream    = ostream;
 			mNextFlushTime      = System.currentTimeMillis() + (mFlushIntervalSeconds * 1000L);
 			mLastOpenFailedTime = 0;
 		} else {
@@ -257,16 +298,18 @@ public class HdfsLogDestination<T> implements LogDestination<T> {
 
 	private void closeFile() {
 		mLogger.debug("==> HdfsLogDestination.closeFile()");
+		
+		flush();
 
 		OutputStreamWriter writer = mWriter;
 
-		mWriter = null;
+		mWriter          = null;
+		mFsDataOutStream = null;
 
 		if(writer != null) {
 			try {
 				mLogger.info("HdfsLogDestination.closeFile(): closing file " + mHdfsFilename);
 
-				writer.flush();
 				writer.close();
 			} catch(IOException excp) {
 				logException("HdfsLogDestination: failed to close file " + mHdfsFilename, excp);
@@ -296,13 +339,7 @@ public class HdfsLogDestination<T> implements LogDestination<T> {
 		} else  if(now > mNextRolloverTime) {
 			rollover();
 		} else if(now > mNextFlushTime) {
-			try {
-				mNextFlushTime = now + (mFlushIntervalSeconds * 1000L);
-
-				mWriter.flush();
-			} catch (IOException excp) {
-				logException("HdfsLogDestination: failed to flush", excp);
-			}
+			flush();
 		}
 	}
 

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/hbase-agent/conf/xasecure-audit.xml
----------------------------------------------------------------------
diff --git a/hbase-agent/conf/xasecure-audit.xml b/hbase-agent/conf/xasecure-audit.xml
index c97f722..be2661a 100644
--- a/hbase-agent/conf/xasecure-audit.xml
+++ b/hbase-agent/conf/xasecure-audit.xml
@@ -17,68 +17,18 @@
 -->
 <?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
 <configuration xmlns:xi="http://www.w3.org/2001/XInclude">
-
-	<property>
-		<name>xasecure.audit.provider.factory</name>
-		<value>com.xasecure.audit.provider.AuditProviderFactory</value>
-	</property>
-
-	<!--  Properties whose name begin with "xasecure.audit." are used to configure JPA -->
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
-		<value>jdbc:mysql://localhost:3306/xa_db</value>
-	</property>
-
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
-		<value>xaaudit</value>
-	</property>
-
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
-		<value>none</value>
-	</property>
-
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
-		<value>com.mysql.jdbc.Driver</value>
-	</property>
-
-	<property>
-		<name>xasecure.audit.credential.provider.file</name>
-		<value>jceks://file/etc/xasecure/conf/auditcred.jceks</value>
-	</property>
-	
-	<property>
-		<name>xasecure.audit.repository.name</name>
-		<value>hbasedev</value>
-	</property>	
-	
 	<property>
 		<name>xasecure.audit.is.enabled</name>
 		<value>true</value>
 	</property>	
-
-	<property>
-		<name>xasecure.audit.log4j.is.enabled</name>
-		<value>false</value>
-	</property>	
-
-	<property>
-		<name>xasecure.audit.log4j.is.async</name>
-		<value>false</value>
-	</property>	
 	
 	<property>
-		<name>xasecure.audit.log4j.async.max.queue.size</name>
-		<value>10240</value>
-	</property>	
-
-	<property>
-		<name>xasecure.audit.log4j.async.max.flush.interval.ms</name>
-		<value>30000</value>
+		<name>xasecure.audit.repository.name</name>
+		<value>hbasedev</value>
 	</property>	
 	
+
+	<!-- DB audit provider configuration -->
 	<property>
 		<name>xasecure.audit.db.is.enabled</name>
 		<value>false</value>
@@ -104,11 +54,37 @@
 		<value>100</value>
 	</property>	
 
+	<!--  Properties whose name begin with "xasecure.audit.jpa." are used to configure JPA -->
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
+		<value>jdbc:mysql://localhost:3306/ranger_audit</value>
+	</property>
+
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
+		<value>rangerlogger</value>
+	</property>
+
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
+		<value>none</value>
+	</property>
+
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
+		<value>com.mysql.jdbc.Driver</value>
+	</property>
+
+	<property>
+		<name>xasecure.audit.credential.provider.file</name>
+		<value>jceks://file/etc/ranger/hbasedev/auditcred.jceks</value>
+	</property>
+
 
 	<!-- HDFS audit provider configuration -->
 	<property>
 		<name>xasecure.audit.hdfs.is.enabled</name>
-		<value>true</value>
+		<value>false</value>
 	</property>	
 
 	<property>
@@ -133,7 +109,7 @@
 
 	<property>
 		<name>xasecure.audit.hdfs.config.destination.directory</name>
-		<value>hdfs://namenodehost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
+		<value>hdfs://NAMENODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
 	</property>	
 
 	<property>
@@ -190,4 +166,26 @@
 		<name>xasecure.audit.hdfs.config.local.archive.max.file.count</name>
 		<value>10</value>
 	</property>	
+	
+
+	<!-- Log4j audit provider configuration -->
+	<property>
+		<name>xasecure.audit.log4j.is.enabled</name>
+		<value>false</value>
+	</property>	
+
+	<property>
+		<name>xasecure.audit.log4j.is.async</name>
+		<value>false</value>
+	</property>	
+	
+	<property>
+		<name>xasecure.audit.log4j.async.max.queue.size</name>
+		<value>10240</value>
+	</property>	
+
+	<property>
+		<name>xasecure.audit.log4j.async.max.flush.interval.ms</name>
+		<value>30000</value>
+	</property>	
 </configuration>

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/hbase-agent/scripts/install.properties
----------------------------------------------------------------------
diff --git a/hbase-agent/scripts/install.properties b/hbase-agent/scripts/install.properties
index 90fea85..5a81ad4 100644
--- a/hbase-agent/scripts/install.properties
+++ b/hbase-agent/scripts/install.properties
@@ -16,23 +16,18 @@
 #
 # Location of Policy Manager URL  
 #
-#
 # Example:
 # POLICY_MGR_URL=http://policymanager.xasecure.net:6080
 #
-
 POLICY_MGR_URL=
 
-# Example:
-# XAAUDIT.DB.FLAVOUR=MYSQL
-# XAAUDIT.DB.FLAVOUR=ORACLE
-XAAUDIT.DB.FLAVOUR=MYSQL
-
 #
 # Location of db client library (please check the location of the jar file)
 #
-#SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
-#SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar
+# Example:
+# SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
+# SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar
+#
 SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
 
 #
@@ -41,7 +36,6 @@ SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
 # Example:
 # REPOSITORY_NAME=hbasedev
 #
-
 REPOSITORY_NAME=
 
 #
@@ -50,33 +44,65 @@ REPOSITORY_NAME=
 #  This information should match with the one you specified during the PolicyManager Installation
 # 
 # Example:
+# XAAUDIT.DB.IS_ENABLED=true
+# XAAUDIT.DB.FLAVOUR=MYSQL
+# XAAUDIT.DB.FLAVOUR=ORACLE
 # XAAUDIT.DB.HOSTNAME=localhost
-# XAAUDIT.DB.DATABASE_NAME=xasecure
-# XAAUDIT.DB.USER_NAME=xalogger
-# XAAUDIT.DB.PASSWORD=
+# XAAUDIT.DB.DATABASE_NAME=ranger_audit
+# XAAUDIT.DB.USER_NAME=rangerlogger
+# XAAUDIT.DB.PASSWORD=rangerlogger
 #
-
+XAAUDIT.DB.IS_ENABLED=false
+XAAUDIT.DB.FLAVOUR=MYSQL
 XAAUDIT.DB.HOSTNAME=
 XAAUDIT.DB.DATABASE_NAME=
 XAAUDIT.DB.USER_NAME=
 XAAUDIT.DB.PASSWORD=
 
 #
+#  Audit to HDFS Configuration
+#
+# If XAAUDIT.HDFS.IS_ENABLED is set to true, please replace tokens
+# that start with __REPLACE__ with appropriate values
+#  XAAUDIT.HDFS.IS_ENABLED=true
+#  XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+#  XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=__REPLACE__LOG_DIR/hbase/audit/%app-type%
+#  XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=__REPLACE__LOG_DIR/hbase/audit/archive/%app-type%
+#
+# Example:
+#  XAAUDIT.HDFS.IS_ENABLED=true
+#  XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://namenode.example.com:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+#  XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/var/log/hbase/audit/%app-type%
+#  XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/var/log/hbase/audit/archive/%app-type%
+#
+XAAUDIT.HDFS.IS_ENABLED=false
+XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=__REPLACE__LOG_DIR/hbase/audit/%app-type%
+XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=__REPLACE__LOG_DIR/hbase/audit/archive/%app-type%
+
+XAAUDIT.HDFS.DESTINTATION_FILE=%hostname%-audit.log
+XAAUDIT.HDFS.DESTINTATION_FLUSH_INTERVAL_SECONDS=900
+XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS=86400
+XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS=60
+XAAUDIT.HDFS.LOCAL_BUFFER_FILE=%time:yyyyMMdd-HHmm.ss%.log
+XAAUDIT.HDFS.LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS=60
+XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
+XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10
+
+#
 # SSL Client Certificate Information
 #
 # Example:
-# SSL_KEYSTORE_FILE_PATH=/etc/xasecure/conf/xasecure-hbase-client.jks
+# SSL_KEYSTORE_FILE_PATH=/etc/hbase/conf/ranger-plugin-keystore.jks
 # SSL_KEYSTORE_PASSWORD=none
-# SSL_TRUSTSTORE_FILE_PATH=/etc/xasecure/conf/xasecure-truststore.jks
+# SSL_TRUSTSTORE_FILE_PATH=/etc/hbase/conf/ranger-plugin-truststore.jks
 # SSL_TRUSTSTORE_PASSWORD=none
-
 #
 # You do not need use SSL between agent and security admin tool, please leave these sample value as it is.
 #
-
-SSL_KEYSTORE_FILE_PATH=agentKey.jks
+SSL_KEYSTORE_FILE_PATH=/etc/hbase/conf/ranger-plugin-keystore.jks
 SSL_KEYSTORE_PASSWORD=myKeyFilePassword
-SSL_TRUSTSTORE_FILE_PATH=cacert
+SSL_TRUSTSTORE_FILE_PATH=/etc/hbase/conf/ranger-plugin-truststore.jks
 SSL_TRUSTSTORE_PASSWORD=changeit
 
 #
@@ -87,25 +113,3 @@ SSL_TRUSTSTORE_PASSWORD=changeit
 #     UPDATE_XAPOLICIES_ON_GRANT_REVOKE=false
 #
 UPDATE_XAPOLICIES_ON_GRANT_REVOKE=true
-
-#
-# Enable DB auditing
-#
-XAAUDIT.DB.IS_ENABLED=false
-
-
-#
-#  Audit to HDFS
-#
-XAAUDIT.HDFS.IS_ENABLED=true
-XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://namenodehost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
-XAAUDIT.HDFS.DESTINTATION_FILE=%hostname%-audit.log
-XAAUDIT.HDFS.DESTINTATION_FLUSH_INTERVAL_SECONDS=900
-XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS=86400
-XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS=60
-XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/var/log/hbase/audit/%app-type%
-XAAUDIT.HDFS.LOCAL_BUFFER_FILE=%time:yyyyMMdd-HHmm.ss%.log
-XAAUDIT.HDFS.LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS=60
-XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
-XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/var/log/hbase/audit/archive/%app-type%
-XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/hdfs-agent/conf/xasecure-audit.xml
----------------------------------------------------------------------
diff --git a/hdfs-agent/conf/xasecure-audit.xml b/hdfs-agent/conf/xasecure-audit.xml
index 36f7e24..28261ec 100644
--- a/hdfs-agent/conf/xasecure-audit.xml
+++ b/hdfs-agent/conf/xasecure-audit.xml
@@ -31,12 +31,12 @@
 	<!-- DB audit provider configuration -->
 	<property>
 		<name>xasecure.audit.db.is.enabled</name>
-		<value>true</value>
+		<value>false</value>
 	</property>	
 
 	<property>
 		<name>xasecure.audit.db.is.async</name>
-		<value>false</value>
+		<value>true</value>
 	</property>	
 
 	<property>
@@ -57,12 +57,12 @@
 	<!--  Properties whose name begin with "xasecure.audit.jpa." are used to configure JPA -->
 	<property>
 		<name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
-		<value>jdbc:mysql://localhost:3306/xa_db</value>
+		<value>jdbc:mysql://localhost:3306/ranger_audit</value>
 	</property>
 
 	<property>
 		<name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
-		<value>xaaudit</value>
+		<value>rangerlogger</value>
 	</property>
 
 	<property>
@@ -77,7 +77,7 @@
 	
 	<property>
 		<name>xasecure.audit.credential.provider.file</name>
-		<value>jceks://file/etc/xasecure/conf/auditcred.jceks</value>
+		<value>jceks://file/etc/ranger/hadoopdev/auditcred.jceks</value>
 	</property>
 
 
@@ -109,7 +109,7 @@
 
 	<property>
 		<name>xasecure.audit.hdfs.config.destination.directory</name>
-		<value>hdfs://namenodehost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
+		<value>hdfs://NAMENODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
 	</property>	
 
 	<property>
@@ -167,6 +167,7 @@
 		<value>10</value>
 	</property>	
 
+
 	<!-- Log4j audit provider configuration -->
 	<property>
 		<name>xasecure.audit.log4j.is.enabled</name>
@@ -187,5 +188,4 @@
 		<name>xasecure.audit.log4j.async.max.flush.interval.ms</name>
 		<value>30000</value>
 	</property>	
-	
 </configuration>

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/hdfs-agent/scripts/install.properties
----------------------------------------------------------------------
diff --git a/hdfs-agent/scripts/install.properties b/hdfs-agent/scripts/install.properties
index 80cef6c..93790e3 100644
--- a/hdfs-agent/scripts/install.properties
+++ b/hdfs-agent/scripts/install.properties
@@ -16,23 +16,18 @@
 #
 # Location of Policy Manager URL  
 #
-#
 # Example:
 # POLICY_MGR_URL=http://policymanager.xasecure.net:6080
 #
-
 POLICY_MGR_URL=
 
-# Example:
-# XAAUDIT.DB.FLAVOUR=MYSQL
-# XAAUDIT.DB.FLAVOUR=ORACLE
-XAAUDIT.DB.FLAVOUR=MYSQL
-
 #
 # Location of db client library (please check the location of the jar file)
 #
-#SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
-#SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar
+# Example:
+# SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
+# SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar
+#
 SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
 
 #
@@ -41,63 +36,71 @@ SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
 # Example:
 # REPOSITORY_NAME=hadoopdev
 #
-
 REPOSITORY_NAME=
 
-
 #
 # AUDIT DB Configuration
 # 
 #  This information should match with the one you specified during the PolicyManager Installation
 # 
 # Example:
+# XAAUDIT.DB.IS_ENABLED=true
+# XAAUDIT.DB.FLAVOUR=MYSQL
+# XAAUDIT.DB.FLAVOUR=ORACLE
 # XAAUDIT.DB.HOSTNAME=localhost
-# XAAUDIT.DB.DATABASE_NAME=xasecure
-# XAAUDIT.DB.USER_NAME=xalogger
-# XAAUDIT.DB.PASSWORD=xalogger
-
-
-
+# XAAUDIT.DB.DATABASE_NAME=ranger_audit
+# XAAUDIT.DB.USER_NAME=rangerlogger
+# XAAUDIT.DB.PASSWORD=rangerlogger
+#
+XAAUDIT.DB.IS_ENABLED=false
+XAAUDIT.DB.FLAVOUR=MYSQL
 XAAUDIT.DB.HOSTNAME=
 XAAUDIT.DB.DATABASE_NAME=
 XAAUDIT.DB.USER_NAME=
 XAAUDIT.DB.PASSWORD=
 
 #
-# SSL Client Certificate Information
+#  Audit to HDFS Configuration
 #
-# Example:
-# SSL_KEYSTORE_FILE_PATH=/etc/xasecure/conf/xasecure-hadoop-client.jks
-# SSL_KEYSTORE_PASSWORD=none
-# SSL_TRUSTSTORE_FILE_PATH=/etc/xasecure/conf/xasecure-truststore.jks
-# SSL_TRUSTSTORE_PASSWORD=none
-
+# If XAAUDIT.HDFS.IS_ENABLED is set to true, please replace tokens
+# that start with __REPLACE__ with appropriate values
+#  XAAUDIT.HDFS.IS_ENABLED=true
+#  XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+#  XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=__REPLACE__LOG_DIR/hadoop/%app-type%/audit
+#  XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=__REPLACE__LOG_DIR/hadoop/%app-type%/audit/archive
 #
-# You do not need use SSL between agent and security admin tool, please leave these sample value as it is.
-#
-
-SSL_KEYSTORE_FILE_PATH=agentKey.jks
-SSL_KEYSTORE_PASSWORD=myKeyFilePassword
-SSL_TRUSTSTORE_FILE_PATH=cacert
-SSL_TRUSTSTORE_PASSWORD=changeit
-
-#
-# Enable DB auditing
-#
-XAAUDIT.DB.IS_ENABLED=true
-
-#
-#  Audit to HDFS
+# Example:
+#  XAAUDIT.HDFS.IS_ENABLED=true
+#  XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://namenode.example.com:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+#  XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/var/log/hadoop/%app-type%/audit
+#  XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/var/log/hadoop/%app-type%/audit/archive
 #
 XAAUDIT.HDFS.IS_ENABLED=false
-XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://namenodehost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=__REPLACE__LOG_DIR/hadoop/%app-type%/audit
+XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=__REPLACE__LOG_DIR/hadoop/%app-type%/audit/archive
+
 XAAUDIT.HDFS.DESTINTATION_FILE=%hostname%-audit.log
 XAAUDIT.HDFS.DESTINTATION_FLUSH_INTERVAL_SECONDS=900
 XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS=86400
 XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS=60
-XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/var/log/hadoop/%app-type%/audit
 XAAUDIT.HDFS.LOCAL_BUFFER_FILE=%time:yyyyMMdd-HHmm.ss%.log
 XAAUDIT.HDFS.LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS=60
 XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
-XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/var/log/hadoop/%app-type%/audit/archive
 XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10
+
+#
+# SSL Client Certificate Information
+#
+# Example:
+# SSL_KEYSTORE_FILE_PATH=/etc/hadoop/conf/ranger-plugin-keystore.jks
+# SSL_KEYSTORE_PASSWORD=none
+# SSL_TRUSTSTORE_FILE_PATH=/etc/hadoop/conf/ranger-plugin-truststore.jks
+# SSL_TRUSTSTORE_PASSWORD=none
+#
+# You do not need use SSL between agent and security admin tool, please leave these sample value as it is.
+#
+SSL_KEYSTORE_FILE_PATH=/etc/hadoop/conf/ranger-plugin-keystore.jks
+SSL_KEYSTORE_PASSWORD=myKeyFilePassword
+SSL_TRUSTSTORE_FILE_PATH=/etc/hadoop/conf/ranger-plugin-truststore.jks
+SSL_TRUSTSTORE_PASSWORD=changeit

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/hive-agent/conf/xasecure-audit.xml
----------------------------------------------------------------------
diff --git a/hive-agent/conf/xasecure-audit.xml b/hive-agent/conf/xasecure-audit.xml
index 4152c05..047cd96 100644
--- a/hive-agent/conf/xasecure-audit.xml
+++ b/hive-agent/conf/xasecure-audit.xml
@@ -17,76 +17,26 @@
 -->
 <?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
 <configuration xmlns:xi="http://www.w3.org/2001/XInclude">
-
-	<property>
-		<name>xasecure.audit.provider.factory</name>
-		<value>com.xasecure.audit.provider.AuditProviderFactory</value>
-	</property>
-
-	<!--  Properties whose name begin with "xasecure.audit." are used to configure JPA -->
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
-		<value>jdbc:mysql://localhost:3306/xa_db</value>
-	</property>
-
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
-		<value>xaaudit</value>
-	</property>
-
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
-		<value>none</value>
-	</property>
-
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
-		<value>com.mysql.jdbc.Driver</value>
-	</property>
-
-    <property>
-		<name>xasecure.audit.credential.provider.file</name>
-		<value>jceks://file/etc/xasecure/conf/auditcred.jceks</value>
-	</property>
-	
-	<property>
-		<name>xasecure.audit.repository.name</name>
-		<value>hadoopdev</value>
-	</property>	
-	
 	<property>
 		<name>xasecure.audit.is.enabled</name>
 		<value>true</value>
 	</property>	
-
-	<property>
-		<name>xasecure.audit.log4j.is.enabled</name>
-		<value>false</value>
-	</property>	
-
-	<property>
-		<name>xasecure.audit.log4j.is.async</name>
-		<value>false</value>
-	</property>	
 	
 	<property>
-		<name>xasecure.audit.log4j.async.max.queue.size</name>
-		<value>10240</value>
-	</property>	
-
-	<property>
-		<name>xasecure.audit.log4j.async.max.flush.interval.ms</name>
-		<value>30000</value>
+		<name>xasecure.audit.repository.name</name>
+		<value>hivedev</value>
 	</property>	
 	
+
+	<!-- DB audit provider configuration -->
 	<property>
 		<name>xasecure.audit.db.is.enabled</name>
-		<value>true</value>
+		<value>false</value>
 	</property>	
 	
 	<property>
 		<name>xasecure.audit.db.is.async</name>
-		<value>false</value>
+		<value>true</value>
 	</property>	
 	
 	<property>
@@ -104,6 +54,32 @@
 		<value>100</value>
 	</property>	
 
+	<!--  Properties whose name begin with "xasecure.audit.jpa." are used to configure JPA -->
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
+		<value>jdbc:mysql://localhost:3306/ranger_audit</value>
+	</property>
+
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
+		<value>rangerlogger</value>
+	</property>
+
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
+		<value>none</value>
+	</property>
+
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
+		<value>com.mysql.jdbc.Driver</value>
+	</property>
+
+    <property>
+		<name>xasecure.audit.credential.provider.file</name>
+		<value>jceks://file/etc/ranger/hivedev/auditcred.jceks</value>
+	</property>
+
 
 	<!-- HDFS audit provider configuration -->
 	<property>
@@ -133,7 +109,7 @@
 
 	<property>
 		<name>xasecure.audit.hdfs.config.destination.directory</name>
-		<value>hdfs://namenodehost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
+		<value>hdfs://NAMENODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
 	</property>	
 
 	<property>
@@ -190,4 +166,26 @@
 		<name>xasecure.audit.hdfs.config.local.archive.max.file.count</name>
 		<value>10</value>
 	</property>	
+	
+
+	<!-- Log4j audit provider configuration -->
+	<property>
+		<name>xasecure.audit.log4j.is.enabled</name>
+		<value>false</value>
+	</property>	
+
+	<property>
+		<name>xasecure.audit.log4j.is.async</name>
+		<value>false</value>
+	</property>	
+	
+	<property>
+		<name>xasecure.audit.log4j.async.max.queue.size</name>
+		<value>10240</value>
+	</property>	
+
+	<property>
+		<name>xasecure.audit.log4j.async.max.flush.interval.ms</name>
+		<value>30000</value>
+	</property>	
 </configuration>

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/hive-agent/scripts/install.properties
----------------------------------------------------------------------
diff --git a/hive-agent/scripts/install.properties b/hive-agent/scripts/install.properties
index ecc20be..bbd1849 100644
--- a/hive-agent/scripts/install.properties
+++ b/hive-agent/scripts/install.properties
@@ -16,23 +16,18 @@
 #
 # Location of Policy Manager URL  
 #
-#
 # Example:
 # POLICY_MGR_URL=http://policymanager.xasecure.net:6080
 #
-
 POLICY_MGR_URL=
 
-# Example:
-# XAAUDIT.DB.FLAVOUR=MYSQL
-# XAAUDIT.DB.FLAVOUR=ORACLE
-XAAUDIT.DB.FLAVOUR=MYSQL
-
 #
 # Location of db client library (please check the location of the jar file)
 #
-#SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
-#SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar
+# Example:
+# SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
+# SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar
+#
 SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
 
 #
@@ -41,7 +36,6 @@ SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
 # Example:
 # REPOSITORY_NAME=hivedev
 #
-
 REPOSITORY_NAME=
 
 #
@@ -50,33 +44,65 @@ REPOSITORY_NAME=
 #  This information should match with the one you specified during the PolicyManager Installation
 # 
 # Example:
+# XAAUDIT.DB.IS_ENABLED=true
+# XAAUDIT.DB.FLAVOUR=MYSQL
+# XAAUDIT.DB.FLAVOUR=ORACLE
 # XAAUDIT.DB.HOSTNAME=localhost
-# XAAUDIT.DB.DATABASE_NAME=xasecure
-# XAAUDIT.DB.USER_NAME=xalogger
-# XAAUDIT.DB.PASSWORD=none
-
-
+# XAAUDIT.DB.DATABASE_NAME=ranger_audit
+# XAAUDIT.DB.USER_NAME=rangerlogger
+# XAAUDIT.DB.PASSWORD=rangerlogger
+#
+XAAUDIT.DB.IS_ENABLED=false
+XAAUDIT.DB.FLAVOUR=MYSQL
 XAAUDIT.DB.HOSTNAME=
 XAAUDIT.DB.DATABASE_NAME=
 XAAUDIT.DB.USER_NAME=
 XAAUDIT.DB.PASSWORD=
 
 #
+#  Audit to HDFS Configuration
+#
+# If XAAUDIT.HDFS.IS_ENABLED is set to true, please replace tokens
+# that start with __REPLACE__ with appropriate values
+#  XAAUDIT.HDFS.IS_ENABLED=true
+#  XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+#  XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=__REPLACE__LOG_DIR/hive/audit/%app-type%
+#  XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=__REPLACE__LOG_DIR/hive/audit/archive/%app-type%
+#
+# Example:
+#  XAAUDIT.HDFS.IS_ENABLED=true
+#  XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://namenode.example.com:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+#  XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/var/log/hive/audit/%app-type%
+#  XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/var/log/hive/audit/archive/%app-type%
+#
+XAAUDIT.HDFS.IS_ENABLED=false
+XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=__REPLACE__LOG_DIR/hive/audit/%app-type%
+XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=__REPLACE__LOG_DIR/hive/audit/archive/%app-type%
+
+XAAUDIT.HDFS.DESTINTATION_FILE=%hostname%-audit.log
+XAAUDIT.HDFS.DESTINTATION_FLUSH_INTERVAL_SECONDS=900
+XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS=86400
+XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS=60
+XAAUDIT.HDFS.LOCAL_BUFFER_FILE=%time:yyyyMMdd-HHmm.ss%.log
+XAAUDIT.HDFS.LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS=60
+XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
+XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10
+
+#
 # SSL Client Certificate Information
 #
 # Example:
-# SSL_KEYSTORE_FILE_PATH=/etc/xasecure/conf/xasecure-hive-client.jks
+# SSL_KEYSTORE_FILE_PATH=/etc/hive/conf/ranger-plugin-keystore.jks
 # SSL_KEYSTORE_PASSWORD=none
-# SSL_TRUSTSTORE_FILE_PATH=/etc/xasecure/conf/xasecure-truststore.jks
+# SSL_TRUSTSTORE_FILE_PATH=/etc/hive/conf/ranger-plugin-truststore.jks
 # SSL_TRUSTSTORE_PASSWORD=none
-
 #
 # You do not need use SSL between agent and security admin tool, please leave these sample value as it is.
 #
-
-SSL_KEYSTORE_FILE_PATH=agentKey.jks
+SSL_KEYSTORE_FILE_PATH=/etc/hive/conf/ranger-plugin-keystore.jks
 SSL_KEYSTORE_PASSWORD=myKeyFilePassword
-SSL_TRUSTSTORE_FILE_PATH=cacert
+SSL_TRUSTSTORE_FILE_PATH=/etc/hive/conf/ranger-plugin-truststore.jks
 SSL_TRUSTSTORE_PASSWORD=changeit
 
 #
@@ -87,24 +113,3 @@ SSL_TRUSTSTORE_PASSWORD=changeit
 #     UPDATE_XAPOLICIES_ON_GRANT_REVOKE=false
 #
 UPDATE_XAPOLICIES_ON_GRANT_REVOKE=true
-
-#
-# Enable DB auditing
-#
-XAAUDIT.DB.IS_ENABLED=true
-
-#
-#  Audit to HDFS
-#
-XAAUDIT.HDFS.IS_ENABLED=false
-XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://namenodehost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
-XAAUDIT.HDFS.DESTINTATION_FILE=%hostname%-audit.log
-XAAUDIT.HDFS.DESTINTATION_FLUSH_INTERVAL_SECONDS=900
-XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS=86400
-XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS=60
-XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/var/log/hive/audit/%app-type%
-XAAUDIT.HDFS.LOCAL_BUFFER_FILE=%time:yyyyMMdd-HHmm.ss%.log
-XAAUDIT.HDFS.LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS=60
-XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
-XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/var/log/hive/audit/archive/%app-type%
-XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/knox-agent/conf/xasecure-audit.xml
----------------------------------------------------------------------
diff --git a/knox-agent/conf/xasecure-audit.xml b/knox-agent/conf/xasecure-audit.xml
index bd2cedb..d16899f 100644
--- a/knox-agent/conf/xasecure-audit.xml
+++ b/knox-agent/conf/xasecure-audit.xml
@@ -17,71 +17,26 @@
 -->
 <?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
 <configuration xmlns:xi="http://www.w3.org/2001/XInclude">
-
-	<property>
-		<name>xasecure.audit.provider.factory</name>
-		<value>com.xasecure.audit.provider.AuditProviderFactory</value>
-	</property>
-
-	<!--  Properties whose name begin with "xasecure.audit." are used to configure JPA -->
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
-		<value>jdbc:mysql://localhost:3306/xasecure_audit</value>
-	</property>
-
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
-		<value>xalogger</value>
-	</property>
-
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
-		<value>crypted</value>
-	</property>
-
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
-		<value>com.mysql.jdbc.Driver</value>
-	</property>
-
-	<property>
-		<name>xasecure.audit.repository.name</name>
-		<value>knoxdev</value>
-	</property>	
-	
 	<property>
 		<name>xasecure.audit.is.enabled</name>
 		<value>true</value>
 	</property>	
 
 	<property>
-		<name>xasecure.audit.log4j.is.enabled</name>
-		<value>false</value>
-	</property>	
-
-	<property>
-		<name>xasecure.audit.log4j.is.async</name>
-		<value>false</value>
+		<name>xasecure.audit.repository.name</name>
+		<value>knoxdev</value>
 	</property>	
 	
-	<property>
-		<name>xasecure.audit.log4j.async.max.queue.size</name>
-		<value>10240</value>
-	</property>	
 
-	<property>
-		<name>xasecure.audit.log4j.async.max.flush.interval.ms</name>
-		<value>30000</value>
-	</property>	
-	
+	<!-- DB audit provider configuration -->
 	<property>
 		<name>xasecure.audit.db.is.enabled</name>
-		<value>true</value>
+		<value>false</value>
 	</property>	
 	
 	<property>
 		<name>xasecure.audit.db.is.async</name>
-		<value>false</value>
+		<value>true</value>
 	</property>	
 	
 	<property>
@@ -99,6 +54,32 @@
 		<value>100</value>
 	</property>	
 
+	<!--  Properties whose name begin with "xasecure.audit.jpa." are used to configure JPA -->
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
+		<value>jdbc:mysql://localhost:3306/ranger_audit</value>
+	</property>
+
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
+		<value>rangerlogger</value>
+	</property>
+
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
+		<value>none</value>
+	</property>
+
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
+		<value>com.mysql.jdbc.Driver</value>
+	</property>
+
+	<property>
+		<name>xasecure.audit.credential.provider.file</name>
+		<value>jceks://file/etc/ranger/knoxdev/auditcred.jceks</value>
+	</property>
+
 
 	<!-- HDFS audit provider configuration -->
 	<property>
@@ -128,7 +109,7 @@
 
 	<property>
 		<name>xasecure.audit.hdfs.config.destination.directory</name>
-		<value>hdfs://namenodehost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
+		<value>hdfs://NAMENODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
 	</property>	
 
 	<property>
@@ -185,4 +166,26 @@
 		<name>xasecure.audit.hdfs.config.local.archive.max.file.count</name>
 		<value>10</value>
 	</property>	
+
+
+	<!-- Log4j audit provider configuration -->
+	<property>
+		<name>xasecure.audit.log4j.is.enabled</name>
+		<value>false</value>
+	</property>	
+
+	<property>
+		<name>xasecure.audit.log4j.is.async</name>
+		<value>false</value>
+	</property>	
+	
+	<property>
+		<name>xasecure.audit.log4j.async.max.queue.size</name>
+		<value>10240</value>
+	</property>	
+
+	<property>
+		<name>xasecure.audit.log4j.async.max.flush.interval.ms</name>
+		<value>30000</value>
+	</property>	
 </configuration>

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/knox-agent/scripts/install.properties
----------------------------------------------------------------------
diff --git a/knox-agent/scripts/install.properties b/knox-agent/scripts/install.properties
index bf42b0d..d821c5d 100644
--- a/knox-agent/scripts/install.properties
+++ b/knox-agent/scripts/install.properties
@@ -16,23 +16,18 @@
 #
 # Location of Policy Manager URL  
 #
-#
 # Example:
 # POLICY_MGR_URL=http://policymanager.xasecure.net:6080
 #
-
 POLICY_MGR_URL=
 
-# Example:
-# XAAUDIT.DB.FLAVOUR=MYSQL
-# XAAUDIT.DB.FLAVOUR=ORACLE
-XAAUDIT.DB.FLAVOUR=MYSQL
-
 #
 # Location of db client library (please check the location of the jar file)
 #
-#SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
-#SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar
+# Example:
+# SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
+# SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar
+#
 SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
 
 #
@@ -41,7 +36,6 @@ SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
 # Example:
 # REPOSITORY_NAME=knoxdev
 #
-
 REPOSITORY_NAME=
 
 # KNOX_HOME directory, would contain conf/, ext/ subdirectories
@@ -53,54 +47,63 @@ KNOX_HOME=
 #  This information should match with the one you specified during the PolicyManager Installation
 # 
 # Example:
+# XAAUDIT.DB.IS_ENABLED=true
+# XAAUDIT.DB.FLAVOUR=MYSQL
+# XAAUDIT.DB.FLAVOUR=ORACLE
 # XAAUDIT.DB.HOSTNAME=localhost
-# XAAUDIT.DB.DATABASE_NAME=xasecure_audit
-# XAAUDIT.DB.USER_NAME=xalogger
-# XAAUDIT.DB.PASSWORD=xalogger
-#
+# XAAUDIT.DB.DATABASE_NAME=ranger_audit
+# XAAUDIT.DB.USER_NAME=rangerlogger
+# XAAUDIT.DB.PASSWORD=rangerlogger
 #
-
+XAAUDIT.DB.IS_ENABLED=false
+XAAUDIT.DB.FLAVOUR=MYSQL
 XAAUDIT.DB.HOSTNAME=
 XAAUDIT.DB.DATABASE_NAME=
 XAAUDIT.DB.USER_NAME=
 XAAUDIT.DB.PASSWORD=
 
-
 #
-# SSL Client Certificate Information
+#  Audit to HDFS Configuration
 #
-# Example:
-# SSL_KEYSTORE_FILE_PATH=/etc/xasecure/conf/xasecure-hadoop-client.jks
-# SSL_KEYSTORE_PASSWORD=clientdb01
-# SSL_TRUSTSTORE_FILE_PATH=/etc/xasecure/conf/xasecure-truststore.jks
-# SSL_TRUSTSTORE_PASSWORD=changeit
-
-#
-# You do not need use SSL between agent and security admin tool, please leave these sample value as it is.
+# If XAAUDIT.HDFS.IS_ENABLED is set to true, please replace tokens
+# that start with __REPLACE__ with appropriate values
+#  XAAUDIT.HDFS.IS_ENABLED=true
+#  XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+#  XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=__REPLACE__LOG_DIR/knox/audit
+#  XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=__REPLACE__LOG_DIR/knox/audit/archive
 #
-
-SSL_KEYSTORE_FILE_PATH=agentKey.jks
-SSL_KEYSTORE_PASSWORD=myKeyFilePassword
-SSL_TRUSTSTORE_FILE_PATH=cacert
-SSL_TRUSTSTORE_PASSWORD=changeit
-
-#
-# Enable DB auditing
-#
-XAAUDIT.DB.IS_ENABLED=true
-
-#
-#  Audit to HDFS
+# Example:
+#  XAAUDIT.HDFS.IS_ENABLED=true
+#  XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://namenode.example.com:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+#  XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/var/log/knox/audit
+#  XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/var/log/knox/audit/archive
 #
 XAAUDIT.HDFS.IS_ENABLED=false
-XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://namenodehost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=__REPLACE__LOG_DIR/knox/audit
+XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=__REPLACE__LOG_DIR/knox/audit/archive
+
 XAAUDIT.HDFS.DESTINTATION_FILE=%hostname%-audit.log
 XAAUDIT.HDFS.DESTINTATION_FLUSH_INTERVAL_SECONDS=900
 XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS=86400
 XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS=60
-XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/var/log/knox/audit
 XAAUDIT.HDFS.LOCAL_BUFFER_FILE=%time:yyyyMMdd-HHmm.ss%.log
 XAAUDIT.HDFS.LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS=60
 XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
-XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/var/log/knox/audit/archive
 XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10
+
+#
+# SSL Client Certificate Information
+#
+# Example:
+# SSL_KEYSTORE_FILE_PATH=/etc/knox/conf/ranger-plugin-keystore.jks
+# SSL_KEYSTORE_PASSWORD=none
+# SSL_TRUSTSTORE_FILE_PATH=/etc/knox/conf/ranger-plugin-truststore.jks
+# SSL_TRUSTSTORE_PASSWORD=none
+#
+# You do not need use SSL between agent and security admin tool, please leave these sample value as it is.
+#
+SSL_KEYSTORE_FILE_PATH=/etc/knox/conf/ranger-plugin-keystore.jks
+SSL_KEYSTORE_PASSWORD=myKeyFilePassword
+SSL_TRUSTSTORE_FILE_PATH=/etc/knox/conf/ranger-plugin-truststore.jks
+SSL_TRUSTSTORE_PASSWORD=changeit

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/security-admin/scripts/install.properties
----------------------------------------------------------------------
diff --git a/security-admin/scripts/install.properties b/security-admin/scripts/install.properties
index 4f9fff8..b835bba 100644
--- a/security-admin/scripts/install.properties
+++ b/security-admin/scripts/install.properties
@@ -64,7 +64,7 @@ db_password=
 # * audit_db must exists in the same ${db_host} as xaserver database ${db_name} 
 # * audit_user must be a different user than db_user (as audit user has access to only audit tables)
 #
-audit_db_name=ranger
+audit_db_name=ranger_audit
 audit_db_user=rangerlogger
 audit_db_password=
 

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/storm-agent/conf/xasecure-audit.xml
----------------------------------------------------------------------
diff --git a/storm-agent/conf/xasecure-audit.xml b/storm-agent/conf/xasecure-audit.xml
index af40b4b..5fbbbbe 100644
--- a/storm-agent/conf/xasecure-audit.xml
+++ b/storm-agent/conf/xasecure-audit.xml
@@ -17,76 +17,26 @@
 -->
 <?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
 <configuration xmlns:xi="http://www.w3.org/2001/XInclude">
-
-	<property>
-		<name>xasecure.audit.provider.factory</name>
-		<value>com.xasecure.audit.provider.AuditProviderFactory</value>
-	</property>
-
-	<!--  Properties whose name begin with "xasecure.audit." are used to configure JPA -->
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
-		<value>jdbc:mysql://localhost:3306/xa_db</value>
-	</property>
-
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
-		<value>xaaudit</value>
-	</property>
-
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
-		<value>none</value>
-	</property>
-
-	<property>
-		<name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
-		<value>com.mysql.jdbc.Driver</value>
-	</property>
-
-    <property>
-		<name>xasecure.audit.credential.provider.file</name>
-		<value>jceks://file/etc/xasecure/conf/auditcred.jceks</value>
-	</property>
-	
-	<property>
-		<name>xasecure.audit.repository.name</name>
-		<value>hadoopdev</value>
-	</property>	
-	
 	<property>
 		<name>xasecure.audit.is.enabled</name>
 		<value>true</value>
 	</property>	
 
 	<property>
-		<name>xasecure.audit.log4j.is.enabled</name>
-		<value>false</value>
-	</property>	
-
-	<property>
-		<name>xasecure.audit.log4j.is.async</name>
-		<value>false</value>
+		<name>xasecure.audit.repository.name</name>
+		<value>stormdev</value>
 	</property>	
 	
-	<property>
-		<name>xasecure.audit.log4j.async.max.queue.size</name>
-		<value>10240</value>
-	</property>	
 
-	<property>
-		<name>xasecure.audit.log4j.async.max.flush.interval.ms</name>
-		<value>30000</value>
-	</property>	
-	
+	<!-- DB audit provider configuration -->
 	<property>
 		<name>xasecure.audit.db.is.enabled</name>
-		<value>true</value>
+		<value>false</value>
 	</property>	
 	
 	<property>
 		<name>xasecure.audit.db.is.async</name>
-		<value>false</value>
+		<value>true</value>
 	</property>	
 	
 	<property>
@@ -104,6 +54,33 @@
 		<value>100</value>
 	</property>	
 
+	<!--  Properties whose name begin with "xasecure.audit.jpa." are used to configure JPA -->
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
+		<value>jdbc:mysql://localhost:3306/ranger_audit</value>
+	</property>
+
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
+		<value>rangerlogger</value>
+	</property>
+
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
+		<value>none</value>
+	</property>
+
+	<property>
+		<name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
+		<value>com.mysql.jdbc.Driver</value>
+	</property>
+
+    <property>
+		<name>xasecure.audit.credential.provider.file</name>
+		<value>jceks://file/etc/ranger/stormdev/auditcred.jceks</value>
+	</property>
+	
+
 
 	<!-- HDFS audit provider configuration -->
 	<property>
@@ -133,7 +110,7 @@
 
 	<property>
 		<name>xasecure.audit.hdfs.config.destination.directory</name>
-		<value>hdfs://namenodehost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
+		<value>hdfs://NAMENODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%</value>
 	</property>	
 
 	<property>
@@ -190,4 +167,26 @@
 		<name>xasecure.audit.hdfs.config.local.archive.max.file.count</name>
 		<value>10</value>
 	</property>	
+	
+
+	<!-- Log4j audit provider configuration -->
+	<property>
+		<name>xasecure.audit.log4j.is.enabled</name>
+		<value>false</value>
+	</property>	
+
+	<property>
+		<name>xasecure.audit.log4j.is.async</name>
+		<value>false</value>
+	</property>	
+	
+	<property>
+		<name>xasecure.audit.log4j.async.max.queue.size</name>
+		<value>10240</value>
+	</property>	
+
+	<property>
+		<name>xasecure.audit.log4j.async.max.flush.interval.ms</name>
+		<value>30000</value>
+	</property>	
 </configuration>

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/44722c61/storm-agent/scripts/install.properties
----------------------------------------------------------------------
diff --git a/storm-agent/scripts/install.properties b/storm-agent/scripts/install.properties
index e9d35fa..28a0fd7 100644
--- a/storm-agent/scripts/install.properties
+++ b/storm-agent/scripts/install.properties
@@ -16,23 +16,18 @@
 #
 # Location of Policy Manager URL  
 #
-#
 # Example:
 # POLICY_MGR_URL=http://policymanager.xasecure.net:6080
 #
-
 POLICY_MGR_URL=
 
-# Example:
-# XAAUDIT.DB.FLAVOUR=MYSQL
-# XAAUDIT.DB.FLAVOUR=ORACLE
-XAAUDIT.DB.FLAVOUR=MYSQL
-
 #
 # Location of db client library (please check the location of the jar file)
 #
-#SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
-#SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar
+# Example:
+# SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
+# SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar
+#
 SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
 
 #
@@ -41,7 +36,6 @@ SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
 # Example:
 # REPOSITORY_NAME=stormdev
 #
-
 REPOSITORY_NAME=
 
 #
@@ -50,52 +44,63 @@ REPOSITORY_NAME=
 #  This information should match with the one you specified during the PolicyManager Installation
 # 
 # Example:
+# XAAUDIT.DB.IS_ENABLED=true
+# XAAUDIT.DB.FLAVOUR=MYSQL
+# XAAUDIT.DB.FLAVOUR=ORACLE
 # XAAUDIT.DB.HOSTNAME=localhost
-# XAAUDIT.DB.DATABASE_NAME=xasecure
-# XAAUDIT.DB.USER_NAME=xalogger
-# XAAUDIT.DB.PASSWORD=none
-
-
+# XAAUDIT.DB.DATABASE_NAME=ranger_audit
+# XAAUDIT.DB.USER_NAME=rangerlogger
+# XAAUDIT.DB.PASSWORD=rangerlogger
+#
+XAAUDIT.DB.IS_ENABLED=false
+XAAUDIT.DB.FLAVOUR=MYSQL
 XAAUDIT.DB.HOSTNAME=
 XAAUDIT.DB.DATABASE_NAME=
 XAAUDIT.DB.USER_NAME=
 XAAUDIT.DB.PASSWORD=
 
 #
-# SSL Client Certificate Information
+#  Audit to HDFS Configuration
 #
-# Example:
-# SSL_KEYSTORE_FILE_PATH=/etc/xasecure/conf/xasecure-storm-client.jks
-# SSL_KEYSTORE_PASSWORD=none
-# SSL_TRUSTSTORE_FILE_PATH=/etc/xasecure/conf/xasecure-truststore.jks
-# SSL_TRUSTSTORE_PASSWORD=none
-
-#
-# You do not need use SSL between agent and security admin tool, please leave these sample value as it is.
+# If XAAUDIT.HDFS.IS_ENABLED is set to true, please replace tokens
+# that start with __REPLACE__ with appropriate values
+#  XAAUDIT.HDFS.IS_ENABLED=true
+#  XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+#  XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=__REPLACE__LOG_DIR/storm/audit
+#  XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=__REPLACE__LOG_DIR/storm/audit/archive
 #
-
-SSL_KEYSTORE_FILE_PATH=agentKey.jks
-SSL_KEYSTORE_PASSWORD=myKeyFilePassword
-SSL_TRUSTSTORE_FILE_PATH=cacert
-SSL_TRUSTSTORE_PASSWORD=changeit
-
-#
-# Enable DB auditing
-#
-XAAUDIT.DB.IS_ENABLED=true
-
-#
-#  Audit to HDFS
+# Example:
+#  XAAUDIT.HDFS.IS_ENABLED=true
+#  XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://namenode.example.com:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+#  XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/var/log/storm/audit
+#  XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/var/log/storm/audit/archive
 #
 XAAUDIT.HDFS.IS_ENABLED=false
-XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://namenodehost:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
+XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=__REPLACE__LOG_DIR/storm/audit
+XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=__REPLACE__LOG_DIR/storm/audit/archive
+
 XAAUDIT.HDFS.DESTINTATION_FILE=%hostname%-audit.log
 XAAUDIT.HDFS.DESTINTATION_FLUSH_INTERVAL_SECONDS=900
 XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS=86400
 XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS=60
-XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/var/log/storm/audit
 XAAUDIT.HDFS.LOCAL_BUFFER_FILE=%time:yyyyMMdd-HHmm.ss%.log
 XAAUDIT.HDFS.LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS=60
 XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
-XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/var/log/storm/audit/archive
 XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10
+
+#
+# SSL Client Certificate Information
+#
+# Example:
+# SSL_KEYSTORE_FILE_PATH=/etc/storm/conf/ranger-plugin-keystore.jks
+# SSL_KEYSTORE_PASSWORD=none
+# SSL_TRUSTSTORE_FILE_PATH=/etc/storm/conf/ranger-plugin-truststore.jks
+# SSL_TRUSTSTORE_PASSWORD=none
+#
+# You do not need use SSL between agent and security admin tool, please leave these sample value as it is.
+#
+SSL_KEYSTORE_FILE_PATH=/etc/storm/conf/ranger-plugin-keystore.jks
+SSL_KEYSTORE_PASSWORD=myKeyFilePassword
+SSL_TRUSTSTORE_FILE_PATH=/etc/storm/conf/ranger-plugin-truststore.jks
+SSL_TRUSTSTORE_PASSWORD=changeit


Mime
View raw message