Background
----------------
Currently we have multiple topologies in a single Knox server. Each
topology points to a different Hadoop environment. For this example, assume
the topologies are named DEV, TEST, and PROD.

We had a group that hits Knox forget to change their LDAP password, so there
were a bunch of messages like this in the audit logs:

> 17/09/12 15:05:08
> ||GUID|audit|WEBHBASE||||authentication|principal|USERNAME|failure|LDAP
> authentication failed.


We contacted the group and they wanted to know which topology the requests
were hitting so they could fix their password. Regardless of whether they
should have different users per environment, we had no way to easily tell
the group which topology they were hitting. The LDAP authentication failure
log didn't say which topology it was hitting.

It would be great if the audit log message was something like this:


> 17/09/12 15:05:08
> ||GUID|audit|DEV|WEBHBASE||||authentication|principal|USERNAME|failure|LDAP
> authentication failed.

In this case, the topology was added in the audit line maybe near the
service name. We think having the topology name on the line somewhere would
be useful for debugging purposes.

Question
------------
Is it possible to configure Knox to log which topology each line in the
audit log came from?

I was looking at
https://github.com/apache/knox/blob/master/gateway-util-common/src/main/java/org/apache/hadoop/gateway/audit/log4j/layout/AuditLayout.java
and I'm not sure if it's possible to easily add the topology there or if it
is even the right place?

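As an added example (not part of the original message and not Knox code), the sketch below tallies authentication failures from audit lines like the ones quoted above and shows where the missing topology leaves a gap. The field positions are assumed from the sample line, the 14-field layout with a topology is the format proposed in this message rather than something Knox emits, and the usernames and GUIDs are constructed.

```python
import re
from collections import Counter

# A record starts with a timestamp; any other line is a wrapped continuation.
TS = re.compile(r"^\d{2}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}")

# Constructed sample: current layout, proposed layout (topology before the
# service name), and a successful login that must not be counted.
SAMPLE = """\
17/09/12 15:05:08 ||GUID-1|audit|WEBHBASE||||authentication|principal|alice|failure|LDAP
authentication failed.
17/09/12 15:05:09 ||GUID-2|audit|DEV|WEBHBASE||||authentication|principal|alice|failure|LDAP
authentication failed.
17/09/12 15:05:10 ||GUID-3|audit|WEBHBASE||||authentication|principal|bob|success|
"""

def records(text):
    """Rejoin wrapped lines into one string per audit record."""
    current = None
    for line in (l.strip() for l in text.splitlines()):
        if TS.match(line):
            if current is not None:
                yield current
            current = line
        elif line and current is not None:
            current += " " + line
    if current is not None:
        yield current

def parse(record):
    """Split one record; positions are assumed from the sample in the message."""
    fields = record[17:].strip().split("|")
    if len(fields) == 14:        # proposed layout: extra topology field
        topology = fields.pop(4)
    elif len(fields) == 13:      # current layout: topology not logged
        topology = None
    else:                        # unexpected shape, e.g. '|' inside the message
        return None
    return {"time": record[:17], "topology": topology, "service": fields[4],
            "action": fields[8], "principal": fields[10], "outcome": fields[11]}

def auth_failures(text):
    """Count failed authentications per (topology, service, principal)."""
    counts = Counter()
    for entry in filter(None, map(parse, records(text))):
        if entry["action"] == "authentication" and entry["outcome"] == "failure":
            key = (entry["topology"] or "unknown", entry["service"], entry["principal"])
            counts[key] += 1
    return counts

if __name__ == "__main__":
    for key, n in auth_failures(SAMPLE).items():
        print(n, *key)
```

With the current layout every failure lands in the `unknown` bucket, which is the gap the message describes.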