[ https://issues.apache.org/jira/browse/HDFS-3535?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13400054#comment-13400054 ]
Eli Collins commented on HDFS-3535: ----------------------------------- Forgot to mention, in TestAuditLogs use @Before and @After to setup/teardown cluster and fs in one place (see other tests for an example) > audit logging should log denied accesses as well as permitted ones > ------------------------------------------------------------------ > > Key: HDFS-3535 > URL: https://issues.apache.org/jira/browse/HDFS-3535 > Project: Hadoop HDFS > Issue Type: New Feature > Components: name-node > Affects Versions: 2.0.0-alpha > Reporter: Andy Isaacson > Assignee: Andy Isaacson > Attachments: hdfs-3535-1.txt, hdfs-3535.txt > > > FSNamesystem.java logs an audit log entry when a user successfully accesses > the filesystem: > {code} > logAuditEvent(UserGroupInformation.getLoginUser(), > Server.getRemoteIp(), > "concat", Arrays.toString(srcs), target, resultingStat); > {code} > but there is no similar log when a user attempts to access the filesystem and > is denied due to permissions. Competing systems do provide such logging of > denied access attempts; we should too. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira