Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

HDFS audit log

Labels:
avatar
author-rank sbmaillist
Explorer

Created on ‎02-07-2017 07:17 PM - edited ‎09-16-2022 04:02 AM

Is there a reason why there is a forward slash "/" in the "ip" field in front of the real IP Address in hdfs-audit.log?

2017-01-27 00:00:01,300 INFO FSNamesystem.audit: allowed=true ugi=SOMETHING.COM (auth:KERBEROS) ip=/172.22.7.129 cmd=listStatus src=/apps/hbase/data/archive/data/default/ambarismoketest dst=null perm=null proto=rpc callerContext=CLI

2,733 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank tkiss
Expert Contributor

Created ‎02-08-2017 05:53 AM

Very good question! Let's dig into Hadoop's source to find this out.

The audit log uses java.net.InetAddress's toString() method to obtain a text format of the address:

https://github.com/apache/hadoop/blob/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache...

InetAddress's returns the information in "hostname/ip" format. If the hostname is not resolvable (reverse lookup is not working) then you get a starting slash:

http://docs.oracle.com/javase/7/docs/api/java/net/InetAddress.html#toString()

View solution in original post

1,835 Views
1 REPLY 1

avatar
author-rank tkiss
Expert Contributor

Created ‎02-08-2017 05:53 AM

Very good question! Let's dig into Hadoop's source to find this out.

The audit log uses java.net.InetAddress's toString() method to obtain a text format of the address:

https://github.com/apache/hadoop/blob/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache...

InetAddress's returns the information in "hostname/ip" format. If the hostname is not resolvable (reverse lookup is not working) then you get a starting slash:

http://docs.oracle.com/javase/7/docs/api/java/net/InetAddress.html#toString()

1,836 Views
Announcements
What's New @ Cloudera
Cloudera DataFlow 2.9 now supports building GenAI pipelines ...
What's New @ Cloudera
Accelerate Data Scientist Productivity with Cloudera Copilot...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
Community Announcements
October 2024 Community Highlights
What's New @ Cloudera
Accelerate Your AI with the Cloudera AI Inference Service wi...
View More Announcements