Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Ranger doesn't stop logging audit events when I disable Audit Logging in the policy

Labels:
avatar
author-rank arturbrandys1
Explorer

Created ‎12-27-2021 01:41 AM

Hello.

I want to disable logging for some of the policies in Ranger (Ranger 1.2.0, HDP-3.1.4.0-315) I edit the policies to switch off the Audit Logging button and when I save this configuration in Ranger Audit I see that nothing changes (all the logs from the policies that I disabled logging are visible).

Why can this be so?

1,118 Views
0 Kudos
0
1 ACCEPTED SOLUTION

avatar
author-rank pvishnu author-rank
Expert Contributor

Created ‎12-28-2021 02:31 AM

Hi @arturbrandys1,

 

The Audit decision taken by Ranger (whether to audit or not) are based on matching resource. That is, if there is a policy which allows audit for a certain resource, then audit will be performed irrespective of whether that policy is governing access policy or not.


And in your case, suppose if there is another policy with audit enabled on a higher level - like the root directory "/" for hdfs - then lower level policy can override the access rights but can’t limit the audit logging.

 

Thanks,
Prashanth Vishnu

View solution in original post

1,194 Views
1
1 REPLY 1

avatar
author-rank pvishnu author-rank
Expert Contributor

Created ‎12-28-2021 02:31 AM

Hi @arturbrandys1,

 

The Audit decision taken by Ranger (whether to audit or not) are based on matching resource. That is, if there is a policy which allows audit for a certain resource, then audit will be performed irrespective of whether that policy is governing access policy or not.


And in your case, suppose if there is another policy with audit enabled on a higher level - like the root directory "/" for hdfs - then lower level policy can override the access rights but can’t limit the audit logging.

 

Thanks,
Prashanth Vishnu

1,195 Views
1
Announcements
Community Announcements
April 2025 Cloudera Customer Advisory: Cloudera’s response t...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
View More Announcements