Member since
09-25-2015
93
Posts
66
Kudos Received
19
Solutions
My Accepted Solutions
Title | Views | Posted |
---|---|---|
2248 | 10-12-2017 08:30 PM | |
1222 | 02-22-2017 12:19 AM | |
2823 | 02-01-2017 07:12 PM | |
2363 | 01-23-2017 11:58 PM | |
1269 | 12-06-2016 10:50 PM |
06-06-2016
05:00 PM
@dsharma Go to custom ranger-hbase-security section in ambari and add the following. These setting in ranger will help you modify the read and connection timeout. Please try increasing this and see how it goes? ranger.plugin.hbase.policy.rest.client.connection.timeoutMs=120000 ranger.plugin.hbase.policy.rest.client.read.timeoutMs=30000
... View more
06-04-2016
12:32 AM
@luis marmolejo Please check the permission of the file /tmp/ranger_hdfs_audit.log. Make sure it has rw permission for all others also. This is working fine.
... View more
06-02-2016
07:39 PM
@bdurai I dont see an internal reference for this. We need to create one. Your are right. we need to do the configuration changes via Amabri for respective components if Ambari is used.
... View more
06-02-2016
07:09 PM
3 Kudos
@luis marmolejo You can conifgure Ranger Audit to go to Log4J appender. In this way a copy can be sent to file as you needed. Configure these properties via Ambari for the respective components if you are using Ambari for managing. 1 ) You need to enable auditing to log4j appender by adding the following property to ranger-<component>-audit.xml <property> <name>xasecure.audit.log4j.is.enabled</name> <value>true</value> </property> <property> <name>xasecure.audit.destination.log4j</name> <value>true</value> </property> <property> <name>xasecure.audit.destination.log4j.logger</name> <value>xaaudit</value> </property> 2) Add the appender to the log4j.properties or log4j.xml file for the <component> ranger.logger=INFO,console,RANGERAUDIT log4j.logger.xaaudit=${ranger.logger} log4j.appender.RANGERAUDIT=org.apache.log4j.DailyRollingFileAppender log4j.appender.RANGERAUDIT.File=/tmp/ranger_hdfs_audit.log log4j.appender.RANGERAUDIT.layout=org.apache.log4j.PatternLayout log4j.appender.RANGERAUDIT.layout.ConversionPattern=%d{ISO8601} %p %c{2}: %L %m%n log4j.appender.RANGERAUDIT.DatePattern=.yyyy-MM-dd restart the respective component. A copy of the Ranger Audit will be sent to /tmp/ranger_hdfs_audit.log ( in this case )
... View more
04-20-2016
06:15 PM
You can also check that port 6083 is configured in the port forwarding setting to access http://localhost:6083/solr/ranger_audits. For Audit not being in Ranger UI you need to check what is configured for ranger.audit.source.type in ranger config. It should be solr.
... View more
03-23-2016
07:21 PM
1 Kudo
@Gerd Koening. Check in Ranger -> Config > Advanced ranger-admin-site
ranger.audit.source.type = db Do you see any exception in namenode log related to Ranger Auditing? Also check that the policy is having the audit enabled. Also hdfs operation you are doing should be for the resources which are in the Policy.
... View more
03-21-2016
11:16 PM
@Jonas Straub Also please check that conf folder where there ranger config is there in the class path of the solr process. This might be the case for you.
... View more
03-21-2016
06:38 AM
1 Kudo
Please check the value for property " ranger.plugin.solr.policy.rest.url" in ranger-solr-security.xml in the solr conf folder. This should have the right value for the ranger admin. You can put the right value and restart solr plugin. Not sure why the enabling of ranger solr plugin didnt update the right value. Did you see any exception in when you enabled solr plugin. May be you can try reinstalling it will be debug on the enable script to see if there are any exceptions and let us know.
... View more
03-09-2016
03:19 AM
3 Kudos
Also setting "xasecure.add-hadoop-authorization" = false in ranger-hdfs-security.xml in /etc/hadoop/conf will stop the fall back to HDFS ACL.
... View more
03-02-2016
06:13 PM
In Ambari -> Ranger -> Config -> Advanced -> Advanced ranger-usersync-site -> ranger.usersync.sleeptimeinmillisbetweensynccycle This is where you maintain the time interval If its a manual install this property in ranger-ugsync-site.xml in conf folder of range-usersync
... View more
- « Previous
- Next »