[ https://issues.apache.org/jira/browse/ZOOKEEPER-1260?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16142328#comment-16142328 ]
ASF GitHub Bot commented on ZOOKEEPER-1260: ------------------------------------------- Github user afine commented on a diff in the pull request: https://github.com/apache/zookeeper/pull/338#discussion_r135345079 --- Diff: src/docs/src/documentation/content/xdocs/zookeeperAuditLogs.xml --- @@ -0,0 +1,205 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Copyright 2002-2004 The Apache Software Foundation + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<!DOCTYPE article PUBLIC "-//OASIS//DTD Simplified DocBook XML V1.0//EN" +"http://www.oasis-open.org/docbook/xml/simple/1.0/sdocbook.dtd"> +<article id="ar_auditLogs"> + <title>ZooKeeper Audit Logging</title> + <articleinfo> + <legalnotice> + <para>Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. You may + obtain a copy of the License at <ulink + url="http://www.apache.org/licenses/LICENSE-2.0">http://www.apache.org/licenses/LICENSE-2.0</ulink>.</para> + + <para>Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an "AS IS" + BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied. See the License for the specific language governing permissions + and limitations under the License.</para> + </legalnotice> + + <abstract> + <para>This document contains information about Audit Logs in ZooKeeper.</para> + </abstract> + </articleinfo> + <section id="ch_auditLogs"> + <title>ZooKeeper Audit Logs</title> + <para>Apache ZooKeeper supports audit logs form version 3.5.4. By default audit logs are disabled. To enable audit + logs configure audit.enable=true in conf/zoo.cfg. Audit logs are not logged on all the ZooKeeper servers, but logged + only on the servers where client is connected as depicted in bellow figure.</para> + <mediaobject id="fg_audit" > + <imageobject> + <imagedata fileref="images/zkAuditLogs.jpg"/> + </imageobject> + </mediaobject> + <para>The audit log captures the detailed information for the operations that are selected to be audited. The audit + information is written as a set of key=value pairs for the following keys.</para> + <table> + <title>Audit Log Content</title> + <tgroup cols="5" align="left" colsep="1" rowsep="4"> + <thead> + <row> + <entry>Key</entry> + <entry>Value</entry> + </row> + </thead> + <tbody> + <row> + <entry>session</entry> + <entry>client session id</entry> + </row> + <row> + <entry>user</entry> + <entry> + comma separated list of users who are associate with a client session. To know who is taken as user in audit logs + refer section + <xref linkend="ch_zkAuditUser"/> + </entry> + </row> + <row> + <entry>ip</entry> + <entry>client IP address</entry> + </row> + <row> + <entry>operation</entry> + <entry>any one of the selected operations for audit. Possible values are + (serverStart| serverStop| create| delete| setData| setAcl| multiOperation| reconfig| ephemeralZNodeDeleteOnSessionClose) + </entry> + </row> + <row> + <entry>znode</entry> + <entry>path of the znode</entry> + </row> + <row> + <entry>acl</entry> + <entry>String representation of znode ACL like cdrwa(create, delete,read, write, admin). This is logged + only for setAcl operation</entry> + </row> + <row> + <entry>result</entry> + <entry>result of the operation. Possible values are (success|failure|invoked). Result "invoked" is used --- End diff -- "is only used" may be clearer (if correct) > Audit logging in ZooKeeper servers. > ----------------------------------- > > Key: ZOOKEEPER-1260 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1260 > Project: ZooKeeper > Issue Type: New Feature > Components: server > Reporter: Mahadev konar > Assignee: Mohammad Arshad > Fix For: 3.5.4, 3.6.0 > > Attachments: ZOOKEEPER-1260-01.patch, zookeeperAuditLogs.pdf > > > Lots of users have had questions on debugging which client changed what znode > and what updates went through a znode. We should add audit logging as in > Hadoop (look at Namenode Audit logging) to log which client changed what in > the zookeeper servers. This could just be a log4j audit logger. -- This message was sent by Atlassian JIRA (v6.4.14#64029)