Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

does Ranger audit itself ?

Solved Go to solution

does Ranger audit itself ?

Explorer

Hi,

Ranger collects audit log through its plugins.

Does Ranger audit itself also?

I mean: does Ranger produce an audit log when an admin account is, for example, creating a new user, or is modifying associated role?

More generally, are all admin tasks through Ranger UI producing an audit log?

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: does Ranger audit itself ?

Hi @Dominique De Vito,

Yes it does. If you then click on the action 'Update' It will show you what was updated. In this example below. Users was empty and now it has the user HTTP. Hope this is what you were looking for.

62944-screen-shot-2018-03-16-at-90712-am.png

62945-screen-shot-2018-03-16-at-90849-am.png

View solution in original post

4 REPLIES 4
Highlighted

Re: does Ranger audit itself ?

Explorer

Well, AFAIR now, Ranger audits itself for some features

--- Ranger KMS is producing its own audit logs as the HDP docs say:

7.1.3. Enable Ranger KMS Audit
Ranger KMS supports audit to DB, HDFS, and Solr. Solr is well-suited for short-term auditing and UI access (for example, one month of data accessible via quick queries in the Web UI). HDFS is typically used for archival auditing. They are not mutually exclusive; we recommend configuring audit to both Solr and HDFS.

--- And whenever, a "admin" user makes some user profile modifications, Ranger Admin Console stores some trace.

--- And a trace is written too when a user (whatever he/she is) connects to Ranger Admin Console.

All these last 2 kinds of traces could be displayed through the Ranger Admin Console "Audit" feature.

But, does Ranger write any trace for all the resource-based policy modifications ? I don't know.

If anyone has a clue, and want to share it, thanks.

Highlighted

Re: does Ranger audit itself ?

Rising Star

Hi Dominique,
Yes it does audit policy change/update, and logins.
hope this answer your question.

Highlighted

Re: does Ranger audit itself ?

Hi @Dominique De Vito,

Yes it does. If you then click on the action 'Update' It will show you what was updated. In this example below. Users was empty and now it has the user HTTP. Hope this is what you were looking for.

62944-screen-shot-2018-03-16-at-90712-am.png

62945-screen-shot-2018-03-16-at-90849-am.png

View solution in original post

Highlighted

Re: does Ranger audit itself ?

Explorer

@dvillarreal oops, I have missed that ones.

Thanks for pointing me policy change/update traces/audits.

Don't have an account?
Coming from Hortonworks? Activate your account here