[ https://issues.apache.org/jira/browse/HDFS-14109?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16712348#comment-16712348 ]
He Xiaoqiao commented on HDFS-14109: ------------------------------------ Thanks [~xkrogen],[~kihwal] for discussing this issue. {quote}I think as with most recent additions to the audit log, it should be protected by a config which defaults to off. In particular, in an environment using only a single namespace, we definitely don't want this information.{quote} +1, only for federation with multi-namespace, and switch off default by a config. {quote}People deal with logs from multiple systems today without having to insert the source identity in every single log line. {quote} Actually, there are multiple system can deal with mass logs data. my opinion is: 1) the lowest-cost method to deal with logs. e.g. 10B audit-log records may cost our amount computing resource if relay with other system. 2) another point, I consider this is scope of hdfs rather than push to other system. Maybe I missing some information, please give your feedback if there are something wrong. Thanks [~xkrogen], [~kihwal] again. > Improve hdfs auditlog format and support federation friendly > ------------------------------------------------------------ > > Key: HDFS-14109 > URL: https://issues.apache.org/jira/browse/HDFS-14109 > Project: Hadoop HDFS > Issue Type: Improvement > Reporter: He Xiaoqiao > Assignee: He Xiaoqiao > Priority: Major > Attachments: HDFS-14109.patch > > > The following auditlog format does not well meet requirement for federation > arch currently. Since some case we need to aggregate all namespace audit log, > if there are some common path request(e.g. /tmp, /user/ etc. some path may > not appear in mountTable, but the path is very real), we will have no idea to > split them that which namespace it request to. So I propose add column > {{nsid}} to support federation more friendly. > {quote}2018-11-27 13:20:30,028 INFO FSNamesystem.audit: allowed=true > ugi=hdfs/hostn...@realm.com (auth:KERBEROS) ip=/10.1.1.2 cmd=getfileinfo > src=/path dst=null perm=null proto=rpc clientName=null > {quote} -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org