Re:IP address always got "unknown-ip-addr" in hive audit log

Fri, 26 Aug 2016 19:51:59 -0700 

Hello,respected developers:
      my hive version is 1.2.1, and it was installed on only one machine ,and  
use mysql as its metastore  and installed on the same machine. Currently, we do 
not need a separate metastore process, and start hiveserver2 with "nohup 
hiveserver2 &", and visit it through beelines, now we configured kerberos 
authentication and hive audit log, will, hive audit logs shows  
"unknown-ip-addr ", how print showed up specific IP?
     I debug the HiveMetaStore.java, and found the logic do not access the 
setIpAddress():
public static void setIpAddress(String ipAddress) {
      threadLocalIpAddress.set(ipAddress);
    }

so the ip address is always "null",and then give it a default value 
"unknown-ip-addr":
if (address == null) {
        address = "unknown-ip-addr";
      }

I still don't know why? SO,can any body please give me a little  guidance?

Thanks in advance for any reply.

At 2016-08-24 10:56:01, "Maria" <[email protected]> wrote:
>
>Hi, all:
>   I want to config audit log for hive 1.2.1. 
>   I use kerberos for hive authentication, and did not start up the hive 
> metastore service.
>   Just under such a background,I opened hive autid-log function. But the log 
> contents like this:
>"HiveMetaStore.java:logAuditEvent(371) - ugi=ocp ip=unknown-ip-addr 
>cmd=get_table : db=default pat=*"
>
>My $HIVE_HOME is on the same machine with hive metastore(MySQL)。I don't know 
>why the IP addr is "unknown-ip-addr". I looked into hive source code,and found 
>some useful info:
>"
>// This will return null if the metastore is not being accessed from a 
>metastore Thrift server,
>    // or if the TTransport being used to connect is not an instance of 
> TSocket, or if kereberos
>    // is used
>    public static String getThreadLocalIpAddress() {
>      return threadLocalIpAddress.get();
>    }"
>
>Does this means if I used kerberos and didn't startup metastore service by 
>"hive --service metastore", the ip-addr will always be "unknown-ip-addr"? 
>and by the way, the cmd is just like this "cmd=get_table:db=default pat=*" or 
>"cmd=get_functions:db=default pat=*",etc? the audit log cannot record full 
>specific sql? 
>
>
>Thanks in advance for any reply.
>
>Maria.
>
>

Reply via email to