Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Can we detect who did a particular operation in NiFi?

Labels:
avatar
author-rank AlokKumar
Expert Contributor

Created on ‎05-26-2026 09:51 AM - edited ‎05-26-2026 09:52 AM

Hello we have single user based NiFi but in reality around 15 to 20 people use that instance. How to know who added a process group or stopped a processor and at which point of time was that processor stopped? Do we have any IP getting recorded or anything like that? 
Is it possible in NiFi having OIDC/Oauth2 based authentication that which user added/removed something?

285 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎06-03-2026 06:06 PM

@AlokKumar 

You need to make sure each user is authenticating with a unique username in order to

know which user made a change If you are using the same user, then all recorded changes will show that single user.  Form a pure security standpoint it is a bad practice to have multiple users share authentication credentials.  Apache NiFi offers numerous

methods for User Authentication.   While Lightweight Directory Access Protocol (LDAP) is probably the most commonly used, there are other options to include OpenID ConnectKerberosSAMLJSON Web Tokens, and X.509 Client Certificates.

If you are currently using the default Single User authentication which the utilizes the Single User authorizer, you will also need to select a different Multi-Tenant Authorization as well to go with the new multi user authentication methods.  The most commonly used is the StandardManagedAuthorizer

Please help our community grow. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped.

Thank you,
Matt



View solution in original post

130 Views
0 Kudos
4 REPLIES 4

avatar
author-rank vafs author-rank
Master Collaborator

Created ‎05-26-2026 11:41 AM

Hello @AlokKumar

Thanks for being part of the community. 

Yes, that is possible. 
You should be able to search on the nifi-user.log for entries. You can either filter them by user or by processor IDs. 

For example, I did some starts and stops for this processor. 

vafs_0-1779820389394.png

By checking the log using the ID, I found this: 

2026-05-26 18:29:40,582 INFO [NiFi Web Server-36464] o.a.n.w.s.NiFiAuthenticationFilter Authentication Started 10.129.x.x [<vafs><CN=node1.cfm-vafs.cloudera.com, ST=CA, C=US>] PUT https://node1.cfm-vafs.cloudera.com:8443/nifi-api/processors/3be575b5-019e-1000-0000-00002f93e650/run-status
2026-05-26 18:29:40,582 INFO [NiFi Web Server-36464] o.a.n.w.s.NiFiAuthenticationFilter Authentication Success [vafs] 10.129.x.x PUT https://node1.cfm-vafs.cloudera.com:8443/nifi-api/processors/3be575b5-019e-1000-0000-00002f93e650/run-status
2026-05-26 18:29:40,597 INFO [NiFi Web Server-33000] o.a.n.w.s.NiFiAuthenticationFilter Authentication Started 10.129.x.x [<vafs><CN=node1.cfm-vafs.cloudera.com, ST=CA, C=US>] PUT https://node1.cfm-vafs.cloudera.com:8443/nifi-api/processors/3be575b5-019e-1000-0000-00002f93e650/run-status
2026-05-26 18:29:40,598 INFO [NiFi Web Server-33000] o.a.n.w.s.NiFiAuthenticationFilter Authentication Success [vafs] 10.129.x.x PUT https://node1.cfm-vafs.cloudera.com:8443/nifi-api/processors/3be575b5-019e-1000-0000-00002f93e650/run-status
...
2026-05-26 18:29:51,454 INFO [NiFi Web Server-36459] o.a.n.w.s.NiFiAuthenticationFilter Authentication Started 10.129.x.x [<vafs><CN=node1.cfm-vafs.cloudera.com, ST=CA, C=US>] PUT https://node1.cfm-vafs.cloudera.com:8443/nifi-api/processors/3be575b5-019e-1000-0000-00002f93e650/run-status
2026-05-26 18:29:51,455 INFO [NiFi Web Server-36459] o.a.n.w.s.NiFiAuthenticationFilter Authentication Success [vafs] 10.129.x.x PUT https://node1.cfm-vafs.cloudera.com:8443/nifi-api/processors/3be575b5-019e-1000-0000-00002f93e650/run-status
2026-05-26 18:29:51,465 INFO [NiFi Web Server-36510] o.a.n.w.s.NiFiAuthenticationFilter Authentication Started 10.129.x.x [<vafs><CN=node1.cfm-vafs.cloudera.com, ST=CA, C=US>] PUT https://node1.cfm-vafs.cloudera.com:8443/nifi-api/processors/3be575b5-019e-1000-0000-00002f93e650/run-status
2026-05-26 18:29:51,465 INFO [NiFi Web Server-36510] o.a.n.w.s.NiFiAuthenticationFilter Authentication Success [vafs] 10.129.x.x PUT https://node1.cfm-vafs.cloudera.com:8443/nifi-api/processors/3be575b5-019e-1000-0000-00002f93e650/run-status

Also, by checking the ID for a proccessor group I see the following: 

vafs_1-1779820677770.png

2026-05-26 18:31:40,166 INFO [NiFi Web Server-36460] o.a.n.w.s.NiFiAuthenticationFilter Authentication Started 10.129.x.x [<vafs><CN=node1.cfm-vafs.cloudera.com, ST=CA, C=US>] PUT https://node1.cfm-vafs.cloudera.com:8443/nifi-api/process-groups/658e5692-019e-1000-ffff-ffff8f55b0de
2026-05-26 18:31:40,167 INFO [NiFi Web Server-36460] o.a.n.w.s.NiFiAuthenticationFilter Authentication Success [vafs] 10.129.x.x PUT https://node1.cfm-vafs.cloudera.com:8443/nifi-api/process-groups/658e5692-019e-1000-ffff-ffff8f55b0de
2026-05-26 18:31:40,187 INFO [NiFi Web Server-36459] o.a.n.w.s.NiFiAuthenticationFilter Authentication Started 10.129.x.x [<vafs><CN=node1.cfm-vafs.cloudera.com, ST=CA, C=US>] PUT https://node1.cfm-vafs.cloudera.com:8443/nifi-api/process-groups/658e5692-019e-1000-ffff-ffff8f55b0de
2026-05-26 18:31:40,188 INFO [NiFi Web Server-36459] o.a.n.w.s.NiFiAuthenticationFilter Authentication Success [vafs] 10.129.x.x PUT https://node1.cfm-vafs.cloudera.com:8443/nifi-api/process-groups/658e5692-019e-1000-ffff-ffff8f55b0de

This should give you the information you want. 


Regards,
Andrés Fallas
--
Was your question answered? Please take some time to click on "Accept as Solution" below this post.
If you find a reply useful, say thanks by clicking on the thumbs-up button.
271 Views
0 Kudos

avatar
author-rank AlokKumar
Expert Contributor

Created on ‎05-27-2026 01:26 AM - edited ‎05-27-2026 01:27 AM

hello in the logs above I don't see any log which describes LogAttribute (the screenshot you have posted above says it is a LogAttribute processor) being started or stopped. Also anyway to know which user did this

237 Views
0 Kudos

avatar
author-rank vafs author-rank
Master Collaborator

Created on ‎05-27-2026 01:18 PM - edited ‎05-27-2026 01:23 PM

Hello @AlokKumar

The log used the Processor or Group ID, not the name. 
This is because you can have multiple processor for the same one, but the ID is always unique. 
On this example, the ID is: 3be575b5-019e-1000-0000-00002f93e650

The user is also reported between the [], in my case, is vafs

2026-05-26 18:29:51,455 INFO [NiFi Web Server-36459] o.a.n.w.s.NiFiAuthenticationFilter Authentication Success [vafs] 10.129.x.x PUT https://node1.cfm-vafs.cloudera.com:8443/nifi-api/processors/3be575b5-019e-1000-0000-00002f93e650/run-status

 


Regards,
Andrés Fallas
--
Was your question answered? Please take some time to click on "Accept as Solution" below this post.
If you find a reply useful, say thanks by clicking on the thumbs-up button.
221 Views
0 Kudos

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎06-03-2026 06:06 PM

@AlokKumar 

You need to make sure each user is authenticating with a unique username in order to

know which user made a change If you are using the same user, then all recorded changes will show that single user.  Form a pure security standpoint it is a bad practice to have multiple users share authentication credentials.  Apache NiFi offers numerous

methods for User Authentication.   While Lightweight Directory Access Protocol (LDAP) is probably the most commonly used, there are other options to include OpenID ConnectKerberosSAMLJSON Web Tokens, and X.509 Client Certificates.

If you are currently using the default Single User authentication which the utilizes the Single User authorizer, you will also need to select a different Multi-Tenant Authorization as well to go with the new multi user authentication methods.  The most commonly used is the StandardManagedAuthorizer

Please help our community grow. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped.

Thank you,
Matt



131 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Lineage Custom Lineage Connector Relaunch
What's New @ Cloudera
Product Update: Cloudera Flow Management Operator for Kubern...
What's New @ Cloudera
Product Update: Cloudera Data Flow v3.1 for Cloudera on Clou...
Community Announcements
May 2026 Community Highlights
Community Announcements
Testing the tags to new post
View More Announcements