Support Questions

arturbrandys1 · ‎12-27-2021

Hello.

I want to disable logging for some of the policies in Ranger (Ranger 1.2.0, HDP-3.1.4.0-315) I edit the policies to switch off the Audit Logging button and when I save this configuration in Ranger Audit I see that nothing changes (all the logs from the policies that I disabled logging are visible).

Why can this be so?

pvishnu · ‎12-28-2021

Hi @arturbrandys1,

The Audit decision taken by Ranger (whether to audit or not) are based on matching resource. That is, if there is a policy which allows audit for a certain resource, then audit will be performed irrespective of whether that policy is governing access policy or not.

And in your case, suppose if there is another policy with audit enabled on a higher level - like the root directory "/" for hdfs - then lower level policy can override the access rights but can’t limit the audit logging.

Thanks,
Prashanth Vishnu

View solution in original post

pvishnu · ‎12-28-2021

Hi @arturbrandys1,

The Audit decision taken by Ranger (whether to audit or not) are based on matching resource. That is, if there is a policy which allows audit for a certain resource, then audit will be performed irrespective of whether that policy is governing access policy or not.

And in your case, suppose if there is another policy with audit enabled on a higher level - like the root directory "/" for hdfs - then lower level policy can override the access rights but can’t limit the audit logging.

Thanks,
Prashanth Vishnu

Cloudera Community

Support Questions

Ranger doesn't stop logging audit events when I disable Audit Logging in the policy