[jira] [Commented] (HDFS-14109) Improve hdfs auditlog format and support federation friendly

Thu, 06 Dec 2018 21:16:01 -0800 


    [ 
https://issues.apache.org/jira/browse/HDFS-14109?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16712348#comment-16712348
 ] 

He Xiaoqiao commented on HDFS-14109:
------------------------------------

Thanks [~xkrogen],[~kihwal] for discussing this issue.
{quote}I think as with most recent additions to the audit log, it should be 
protected by a config which defaults to off. In particular, in an environment 
using only a single namespace, we definitely don't want this information.{quote}
+1, only for federation with multi-namespace, and switch off default by a 
config.
{quote}People deal with logs from multiple systems today without having to 
insert the source identity in every single log line. {quote}
Actually, there are multiple system can deal with mass logs data. my opinion is:
1) the lowest-cost method to deal with logs. e.g. 10B audit-log records may 
cost our amount computing resource if relay with other system.
2) another point, I consider this is scope of hdfs rather than push to other 
system.
Maybe I missing some information, please give your feedback if there are 
something wrong.
Thanks [~xkrogen],  [~kihwal] again.

> Improve hdfs auditlog format and support federation friendly
> ------------------------------------------------------------
>
>                 Key: HDFS-14109
>                 URL: https://issues.apache.org/jira/browse/HDFS-14109
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>            Reporter: He Xiaoqiao
>            Assignee: He Xiaoqiao
>            Priority: Major
>         Attachments: HDFS-14109.patch
>
>
> The following auditlog format does not well meet requirement for federation 
> arch currently. Since some case we need to aggregate all namespace audit log, 
> if there are some common path request(e.g. /tmp, /user/ etc. some path may 
> not appear in mountTable, but the path is very real), we will have no idea to 
> split them that which namespace it request to. So I propose add column 
> {{nsid}} to support federation more friendly.  
> {quote}2018-11-27 13:20:30,028 INFO FSNamesystem.audit: allowed=true   
> ugi=hdfs/hostn...@realm.com (auth:KERBEROS)  ip=/10.1.1.2 cmd=getfileinfo 
> src=/path   dst=null        perm=null       proto=rpc       clientName=null
> {quote}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org

Reply via email to