[jira] [Commented] (ACCUMULO-1070) Improve the auditing messages that are generated from the server.

Wed, 22 May 2013 10:39:31 -0700 

    [ 
https://issues.apache.org/jira/browse/ACCUMULO-1070?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13664308#comment-13664308
 ] 

Eric Newton commented on ACCUMULO-1070:
---------------------------------------

Rob, is there a reason why you pulled all the printf constants to one place?  
That's not typical for the rest of the codebase, and it's nice to see the 
template next to point where it is expanded.  Otherwise, it looks good.
                
> Improve the auditing messages that are generated from the server.
> -----------------------------------------------------------------
>
>                 Key: ACCUMULO-1070
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-1070
>             Project: Accumulo
>          Issue Type: Improvement
>          Components: master, tserver
>    Affects Versions: 1.4.2
>            Reporter: Philip Young
>            Assignee: Philip Young
>              Labels: patch, security
>             Fix For: 1.6.0
>
>         Attachments: accumulo-1070-1.patch, accumulo-1070-2.patch, 
> accumulo-1070-3.patch
>
>   Original Estimate: 168h
>  Remaining Estimate: 168h
>
> Auditing of all user interactions, including system administrators, is 
> sometimes required by a companies so that they can retrospectively audit user 
> interactions after a security breach. Currently, not all user operations on 
> the Accumulo server are generating audit messages and if they are, not in a 
> consistent manner. 
> The audit created in the AuditedSecurityOperations class are not currently 
> creating consistent messages when an user passes the operation validation to 
> when they fail the operation validation.
> Also, the Scan operations are not being audited and it would be very useful 
> to know who has run scans and what those scans were, by including: the 
> principal user, the column families, the ranges, etc.
>  
> I am intending to address both of these issues and submit a patch in the next 
> week.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to