[ https://issues.apache.org/jira/browse/ACCUMULO-1070?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13589754#comment-13589754 ]
Keith Turner commented on ACCUMULO-1070: ---------------------------------------- Thanks for the patch, I will take a look at it > Improve the auditing messages that are generated from the server. > ----------------------------------------------------------------- > > Key: ACCUMULO-1070 > URL: https://issues.apache.org/jira/browse/ACCUMULO-1070 > Project: Accumulo > Issue Type: Improvement > Components: master, tserver > Affects Versions: 1.4.2 > Reporter: Philip Young > Assignee: Eric Newton > Labels: patch, security > Attachments: accumulo-1070-1.patch > > Original Estimate: 168h > Remaining Estimate: 168h > > Auditing of all user interactions, including system administrators, is > sometimes required by a companies so that they can retrospectively audit user > interactions after a security breach. Currently, not all user operations on > the Accumulo server are generating audit messages and if they are, not in a > consistent manner. > The audit created in the AuditedSecurityOperations class are not currently > creating consistent messages when an user passes the operation validation to > when they fail the operation validation. > Also, the Scan operations are not being audited and it would be very useful > to know who has run scans and what those scans were, by including: the > principal user, the column families, the ranges, etc. > > I am intending to address both of these issues and submit a patch in the next > week. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira