Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

does Ranger audit itself ?

Labels:
avatar
author-rank ddv36a78
Explorer

Created ‎02-16-2018 08:42 AM

Hi,

Ranger collects audit log through its plugins.

Does Ranger audit itself also?

I mean: does Ranger produce an audit log when an admin account is, for example, creating a new user, or is modifying associated role?

More generally, are all admin tasks through Ranger UI producing an audit log?

Thanks

2,480 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank dvillarreal
Guru

Created on ‎03-16-2018 04:11 PM - edited ‎08-17-2019 06:19 PM

Hi @Dominique De Vito,

Yes it does. If you then click on the action 'Update' It will show you what was updated. In this example below. Users was empty and now it has the user HTTP. Hope this is what you were looking for.

62944-screen-shot-2018-03-16-at-90712-am.png

62945-screen-shot-2018-03-16-at-90849-am.png

View solution in original post

2,375 Views
4 REPLIES 4

avatar
author-rank ddv36a78
Explorer

Created ‎03-15-2018 12:45 PM

Well, AFAIR now, Ranger audits itself for some features

--- Ranger KMS is producing its own audit logs as the HDP docs say:

7.1.3. Enable Ranger KMS Audit
Ranger KMS supports audit to DB, HDFS, and Solr. Solr is well-suited for short-term auditing and UI access (for example, one month of data accessible via quick queries in the Web UI). HDFS is typically used for archival auditing. They are not mutually exclusive; we recommend configuring audit to both Solr and HDFS.

--- And whenever, a "admin" user makes some user profile modifications, Ranger Admin Console stores some trace.

--- And a trace is written too when a user (whatever he/she is) connects to Ranger Admin Console.

All these last 2 kinds of traces could be displayed through the Ranger Admin Console "Audit" feature.

But, does Ranger write any trace for all the resource-based policy modifications ? I don't know.

If anyone has a clue, and want to share it, thanks.

2,375 Views
0 Kudos

avatar
author-rank ahallam
Expert Contributor

Created ‎03-16-2018 10:22 PM

Hi Dominique,
Yes it does audit policy change/update, and logins.
hope this answer your question.

2,375 Views
0 Kudos

avatar
author-rank dvillarreal
Guru

Created on ‎03-16-2018 04:11 PM - edited ‎08-17-2019 06:19 PM

Hi @Dominique De Vito,

Yes it does. If you then click on the action 'Update' It will show you what was updated. In this example below. Users was empty and now it has the user HTTP. Hope this is what you were looking for.

62944-screen-shot-2018-03-16-at-90712-am.png

62945-screen-shot-2018-03-16-at-90849-am.png

2,376 Views

avatar
author-rank ddv36a78
Explorer

Created ‎03-19-2018 01:21 PM

@dvillarreal oops, I have missed that ones.

Thanks for pointing me policy change/update traces/audits.

2,375 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements