https://community.cloudera.com/t5/Archives-of-Support-Questions/Ranger-logs-UI/m-p/170081#M57761 <P><A rel="user" href="https://community.cloudera.com/users/16806/azimuddinam.html" nodeid="16806">@sbx hadoop</A></P><P>You can access the Audit logs through the Ranger UI. The logs are stored in Solr (Ambari Infra), so you are able to apply a filter and search conditions to the logs. The search conditions include Result (Denied/Allowed, Date, User, IP, Component, Access Type, Tag, etc.).</P><P><A href="https://community.cloudera.com/legacyfs/online/attachments/13900-screen-shot-2017-03-22-at-150306.png">screen-shot-2017-03-22-at-150306.png</A></P> Wed, 22 Mar 2017 22:12:27 GMT gmartin 2017-03-22T22:12:27Z https://community.cloudera.com/t5/Archives-of-Support-Questions/Ranger-logs-UI/m-p/170080#M57760 <P>Hello, I am from cloudera background recently moved to Hortonworks platform. I am trying to find if we have a UI like cloudera navigator in Hortonworks. My requirement is to audit the Ranger logs, check " </P><P>logs related to a db accesed, by , when who, denied, last accssed " etc. </P> Wed, 22 Mar 2017 21:27:52 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/Ranger-logs-UI/m-p/170080#M57760 optex 2017-03-22T21:27:52Z https://community.cloudera.com/t5/Archives-of-Support-Questions/Ranger-logs-UI/m-p/170081#M57761 <P><A rel="user" href="https://community.cloudera.com/users/16806/azimuddinam.html" nodeid="16806">@sbx hadoop</A></P><P>You can access the Audit logs through the Ranger UI. The logs are stored in Solr (Ambari Infra), so you are able to apply a filter and search conditions to the logs. The search conditions include Result (Denied/Allowed, Date, User, IP, Component, Access Type, Tag, etc.).</P><P><A href="https://community.cloudera.com/legacyfs/online/attachments/13900-screen-shot-2017-03-22-at-150306.png">screen-shot-2017-03-22-at-150306.png</A></P> Wed, 22 Mar 2017 22:12:27 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/Ranger-logs-UI/m-p/170081#M57761 gmartin 2017-03-22T22:12:27Z https://community.cloudera.com/t5/Archives-of-Support-Questions/Ranger-logs-UI/m-p/170082#M57762 <P>Hi <A href="https://community.hortonworks.com/users/16806/azimuddinam.html">@sbx hadoop</A>, Ranger provides an excellent auditing functionality that can be accessed easily through Ranger UI.</P><P>After logging into ranger UI, click on Audit link from top global menu and then click on access tab.</P><P>The resource access related logs are found here. Pls note the access logs will be generated only if the Ranger plugin for that component is enabled and working fine.</P><P>This page shows you the following:</P><P>Date and time at which the resource access was attempted, user which tried to access the resource, service to which the resource belongs and whose policies come into play, Resource name and type (Ex: type = column-family if the operation was related to hbase col family ), Access Type [Eg: get for hbase], Result - Allowed/ Denied, Access Enforcer=ranger-acl/ hadoop-acl, and the policy which granted access.</P><P>In case of Access Enforcer=ranger-acl and result=denied, the policy-id field will show a '--' which means that the user didn't have any Ranger policy for that resource and so the access was denied.</P><P>In case of Access Enforcer=ranger-acl and result=allowed, the policy-id field will show the policy-id link, which means that the user had access to the resource through that particular policy. Clicking on the link will show you the policy details.</P><P>Also the search feature helps you in streamlining your search by entering various search inputs.</P><P>Hope this helps.</P> Thu, 23 Mar 2017 05:19:50 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/Ranger-logs-UI/m-p/170082#M57762 aleekha 2017-03-23T05:19:50Z