Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Unable to connect to Audit store

Unable to connect to Audit store

Super Collaborator

Hello everyone, I am using HDP2.5 technical preview and I am getting following error in Ranger UI:

Unable to connect to Audit store

I am getting "No Access Audit found" in Access tab of Ranger UI. All Hive events are supposed to get audited to Solr. Can someone please help?

12 REPLIES 12

Re: Unable to connect to Audit store

Could you please run "ps -eaf | grep Embed" and check xa_portal.log and catalina.out files for ERROR and WARN log messages. UI is just a tool over the core Ranger features and most probable reason UI not able to communicate MySql ranger_audit database to get the access for web console.

Re: Unable to connect to Audit store

Super Collaborator

Seems like Ranger embedded server is running:

ranger 15788 1 12 04:05 ? 00:00:38 java -Dproc_rangeradmin -XX:MaxPermSize=256m -Xmx1024m -Xms1024m -Dlogdir=/var/log/ranger/admin -Dcatalina.base=/usr/hdp/2.5.0.0-817/ranger-admin/ews -cp /usr/hdp/2.5.0.0-817/ranger-admin/ews/webapp/WEB-INF/classes/conf:/usr/hdp/2.5.0.0-817/ranger-admin/ews/lib/*:/usr/hdp/2.5.0.0-817/ranger-admin/ews/ranger_jaas/*:/usr/hdp/2.5.0.0-817/ranger-admin/ews/webapp/WEB-INF/classes/conf/ranger_jaas:/usr/lib/jvm/java/lib/*:/*: org.apache.ranger.server.tomcat.EmbeddedServer

Did not find anything odd in catalina.out but getting some exceptions in xa_portal.log:

Attached is the log file:xa-portallog.txt

Re: Unable to connect to Audit store

Ranger is not able to connect to the audit store , can you please check what audit source , by default it is solr , if it is solr please check if solr is up or configured properly

Re: Unable to connect to Audit store

Super Collaborator

Audit source is solr, can you please guide me how to check whether solr is up or not. Do I have to install lucidsearch* package for solr?

Re: Unable to connect to Audit store

can you please ranger audit conf ranger.audit.solr.urls and then for ex: it is http://localhost:6083/solr/ranger_audits then try to connect to http://localhost:6083 and see if you are able to access the same and ranger_audit core/collection exist there

Re: Unable to connect to Audit store

Super Collaborator

I am not able to connect it, its refusing the connection

Re: Unable to connect to Audit store

can you please configure solr audit properly ,

please follow this link https://cwiki.apache.org/confluence/display/RANGER/Install+and+Configure+Solr+for+Ranger+Audits+-+Ap...

Re: Unable to connect to Audit store

Super Collaborator

Did the configuration, Solr server got successfully started but not able to view on browser, getting 503 HTTP exception.

Also ranger admin logs display the same thing:

ERROR org.apache.ranger.solr.SolrUtil (SolrUtil.java:78) - Error from Solr server.

org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException: Error from server at http://sandbox.hortonworks.com:6083/solr/ranger_audits: Expected mime type application/octet-stream but got text/html. <html>

<head>

<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>

<title>Error 503 </title>

</head>

<body>

<h2>HTTP ERROR: 503</h2>

<p>Problem accessing /solr/ranger_audits/select. Reason:

<pre> Service Unavailable</pre></p>

<hr /><i><small>Powered by Jetty://</small></i>

</body>

</html>

Re: Unable to connect to Audit store

your solr might have installed properly but ranger_audits core/collection is not present , can you open the solr using this url http://sandbox.hortonworks.com:6083 and then check whether core/collection present

Don't have an account?
Coming from Hortonworks? Activate your account here