[ https://issues.apache.org/jira/browse/HADOOP-13396?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15427641#comment-15427641 ]
Xiao Chen commented on HADOOP-13396: ------------------------------------ Thanks Wei-Chiu and Andrew for the great reviews!! I will need more time to come back with the comments, but here's a sample output, pending to roll back the URL changes. (Getting from running the {{testAuditLogFormat}} tests from both, which is exactly the same as what it would show in actual audit log files.) Text: {noformat} OK[op=GENERATE_EEK, key=k4, user=luser, accessCount=1, interval=1ms] testmsg OK[op=GENERATE_EEK, user=luser] testmsg OK[op=GENERATE_EEK, key=k4, user=luser, accessCount=1, interval=5ms] testmsg UNAUTHORIZED[op=DECRYPT_EEK, key=k4, user=luser] ERROR[user=luser] Method:'method' Exception:'testmsg' url:'url' UNAUTHENTICATED RemoteHost:remotehost Method:method URL:url ErrorMsg:'testmsg' {noformat} Json: {noformat} {"username":"luser","impersonator":"null!","ipAddress":"Unknown","operation":"GENERATE_EEK","eventTime":1471583567510,"allowed":true,"result":"OK","accessCount":"1","extraMessage":"testmsg","interval":"2","key":"k4"} {"username":"luser","impersonator":"null!","ipAddress":"Unknown","operation":"GENERATE_EEK","eventTime":1471583567538,"allowed":true,"result":"OK","extraMessage":"testmsg"} {"username":"luser","impersonator":"null!","ipAddress":"Unknown","operation":"GENERATE_EEK","eventTime":1471583568543,"allowed":true,"result":"OK","accessCount":"1","extraMessage":"testmsg","interval":"1035","key":"k4"} {"username":"luser","impersonator":"null!","ipAddress":"Unknown","operation":"DECRYPT_EEK","eventTime":1471583568544,"allowed":false,"result":"UNAUTHORIZED","extraMessage":"","key":"k4"} {"username":"luser","impersonator":"null!","ipAddress":"Unknown","operation":"Unknown","eventTime":1471583568544,"allowed":false,"result":"ERROR","extraMessage":"Method:'method' Exception:'testmsg' url:'url'"} {"username":"null!","impersonator":"null!","ipAddress":"remotehost","operation":"Unknown","eventTime":1471583568545,"allowed":false,"result":"UNAUTHENTICATED","extraMessage":"RemoteHost:remotehost Method:method URL:url ErrorMsg:'testmsg'"} {noformat} > Add json format audit logging to KMS > ------------------------------------ > > Key: HADOOP-13396 > URL: https://issues.apache.org/jira/browse/HADOOP-13396 > Project: Hadoop Common > Issue Type: New Feature > Components: kms > Reporter: Xiao Chen > Assignee: Xiao Chen > Attachments: HADOOP-13396.01.patch, HADOOP-13396.02.patch, > HADOOP-13396.03.patch, HADOOP-13396.04.patch, HADOOP-13396.05.patch, > HADOOP-13396.06.patch > > > Currently, KMS audit log is using log4j, to write a text format log. > We should refactor this, so that people can easily add new format audit logs. > The current text format log should be the default, and all of its behavior > should remain compatible. > A json format log extension is added using the refactored API, and being > turned off by default. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org