Hello, i am trying to communicate with ranger admin url over ssl however while trying to enable ranger kafka plugin i am getting 'java.lang.NoClassDefFoundError: org/apache/commons/lang3/StringUtils' as shown below:  due to this there is no cred.jceks file created in my /etc/ranger/kafkadev/ directory which is needed and i get PKIX path failed error. I am using the original ranger github repository to bring up kafka and ranger docker container and facing this error. Can someone please help out and let me know how to fix this? Or if i can manually create the cred.jceks file? ... View more

Does trino/presto not consist if any logs shown on ranger-admin for masking/row level policies? When i run any queries that implement masking/row level policies i dont see any proof in the audit logs that those policies have been implemented even though i can see my columns masked/row condition applied.  E.g  Why is this like this and is there any way to get the masking/row level policy shown in logs? ... View more

I have edited the install.properties file for the trino plugin and am using this repository https://github.com/aakashnand/trino-ranger-demo.git  I edited the  XAAUDIT.ELASTICSEARCH.URL to my IP and XAAUDIT.ELASTICSEARCH.PORT to my port, and I am using similar configuration for apache hive plugin too and its working there but for trino I get this error when I perform a task and it tried to send audit message.     2022-11-29T09:48:32.780Z INFO org.apache.ranger.audit.queue.AuditBatchQueue1 stdout INFO - {"repoType":8,"repo":"apache_trino_onprem_8","reqUser":"testuser","evtTime":"2022-11-29 09:48:32.543","resource":"tpch/sf1/nation/comment","resType":"column","action":"select","result":1,"agent":"trino","policy":141,"enforcer":"ranger-acl","agentHost":"my-localhost-trino","logType":"RangerAudit","id":"718df890-2d9c-4641-96fe-c38fd58f8a20-37","seq_num":75,"event_count":1,"event_dur_ms":0,"tags":[],"cluster_name":"","policy_version":0} 2022-11-29T09:48:33.471Z INFO org.apache.ranger.audit.queue.AuditBatchQueue0 stdout ERROR - Can't connect to ElasticSearch server: User:elasticsearch, http://192.168.100.82:8091/ranger_auditsjava.lang.NoClassDefFoundError: Could not initialize class org.elasticsearch.ElasticsearchStatusException at org.elasticsearch.client.RestHighLevelClient.parseResponseException(RestHighLevelClient.java:1891) at org.elasticsearch.client.RestHighLevelClient.internalPerformRequest(RestHighLevelClient.java:1645) at org.elasticsearch.client.RestHighLevelClient.performRequest(RestHighLevelClient.java:1602) at org.elasticsearch.client.RestHighLevelClient.performRequestAndParseEntity(RestHighLevelClient.java:1572) at org.elasticsearch.client.IndicesClient.open(IndicesClient.java:614) at org.apache.ranger.audit.destination.ElasticSearchAuditDestination.newClient(ElasticSearchAuditDestination.java:253) at org.apache.ranger.audit.destination.ElasticSearchAuditDestination.getClient(ElasticSearchAuditDestination.java:184) at org.apache.ranger.audit.destination.ElasticSearchAuditDestination.log(ElasticSearchAuditDestination.java:118) at org.apache.ranger.audit.queue.AuditBatchQueue.runLogAudit(AuditBatchQueue.java:309) at org.apache.ranger.audit.queue.AuditBatchQueue.run(AuditBatchQueue.java:215) at java.base/java.lang.Thread.run(Thread.java:833) 2022-11-29T09:48:33.471Z INFO org.apache.ranger.audit.queue.AuditBatchQueue0 stdout WARN - failed to log audit event: {"repoType":8,"repo":"apache_trino_onprem_8","reqUser":"testuser","evtTime":"2022-11-29 09:48:31.428","resource":"lower","resType":"function","action":"execute","result":0,"agent":"trino","policy":-1,"enforcer":"ranger-acl","agentHost":"my-localhost-trino","logType":"RangerAudit","id":"718df890-2d9c-4641-96fe-c38fd58f8a20-19","seq_num":39,"event_count":1,"event_dur_ms":0,"tags":[],"cluster_name":""}, errorMessage= 2022-11-29T09:48:33.476Z INFO org.apache.ranger.audit.queue.AuditBatchQueue0 stdout WARN - Log failure count: 19 in past 28:23.520 minutes; 20 during process lifetime 2022-11-29T09:48:33.669Z INFO PolicyRefresher(serviceName=apache_trino_onprem_8)-169 stdout ERROR - Error getting Roles; service not found. secureMode=false, user=root (auth:SIMPLE), response=404, serviceName=apache_trino_onprem_8, lastKnownRoleVersion=-1, lastActivationTimeInMillis=1669713508318     I also can't find where the curl commands are, e.g for hive I can see the exact curl command it is sending along with the payload in hive.log but for trino I can't see any curl command in logs.  ... View more