You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2014/09/22 20:29:22 UTC
[08/10] git commit: ARGUS-5: installation updates to configure HDFS
audit provider. Added an option to enable/disable audit to database.
ARGUS-5: installation updates to configure HDFS audit provider. Added an
option to enable/disable audit to database.
Project: http://git-wip-us.apache.org/repos/asf/incubator-argus/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-argus/commit/efd3501d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-argus/tree/efd3501d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-argus/diff/efd3501d
Branch: refs/heads/master
Commit: efd3501dcc79c5a4985b881fbb36b84e374bae63
Parents: c324e8d
Author: mneethiraj <mn...@hortonworks.com>
Authored: Mon Sep 22 00:09:21 2014 -0700
Committer: mneethiraj <mn...@hortonworks.com>
Committed: Mon Sep 22 00:09:21 2014 -0700
----------------------------------------------------------------------
.../audit/provider/LocalFileLogBuffer.java | 16 ++-------
.../com/xasecure/audit/provider/MiscUtil.java | 37 ++++++++++++++++----
.../audit/provider/hdfs/HdfsLogDestination.java | 2 +-
hbase-agent/conf/xasecure-audit-changes.cfg | 12 +++++++
hbase-agent/scripts/install.properties | 16 +++++++++
hdfs-agent/conf/xasecure-audit-changes.cfg | 12 +++++++
hdfs-agent/scripts/install.properties | 16 +++++++++
hive-agent/conf/xasecure-audit-changes.cfg | 12 +++++++
hive-agent/scripts/install.properties | 16 +++++++++
knox-agent/conf/xasecure-audit-changes.cfg | 14 +++++++-
knox-agent/scripts/install.properties | 16 +++++++++
storm-agent/conf/xasecure-audit-changes.cfg | 12 +++++++
storm-agent/scripts/install.properties | 16 +++++++++
13 files changed, 175 insertions(+), 22 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/efd3501d/agents-audit/src/main/java/com/xasecure/audit/provider/LocalFileLogBuffer.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/com/xasecure/audit/provider/LocalFileLogBuffer.java b/agents-audit/src/main/java/com/xasecure/audit/provider/LocalFileLogBuffer.java
index 280d02c..3e715a9 100644
--- a/agents-audit/src/main/java/com/xasecure/audit/provider/LocalFileLogBuffer.java
+++ b/agents-audit/src/main/java/com/xasecure/audit/provider/LocalFileLogBuffer.java
@@ -37,9 +37,6 @@ import java.util.TreeSet;
import org.apache.log4j.helpers.LogLog;
-import com.google.gson.Gson;
-import com.google.gson.GsonBuilder;
-
public class LocalFileLogBuffer<T> implements LogBuffer<T> {
private String mDirectory = null;
@@ -54,12 +51,9 @@ public class LocalFileLogBuffer<T> implements LogBuffer<T> {
private String mBufferFilename = null;
private long mNextRolloverTime = 0;
- private Gson mGsonBuilder = null;
-
private DestinationDispatcherThread<T> mDispatcherThread = null;
public LocalFileLogBuffer() {
- mGsonBuilder = new GsonBuilder().create();
}
public String getDirectory() {
@@ -167,8 +161,8 @@ public class LocalFileLogBuffer<T> implements LogBuffer<T> {
if(writer != null) {
try {
- String msg = toJson(log);
-
+ String msg = MiscUtil.stringify(log);
+
if(msg.contains(MiscUtil.LINE_SEPARATOR)) {
msg = msg.replace(MiscUtil.LINE_SEPARATOR, MiscUtil.ESCAPE_STR + MiscUtil.LINE_SEPARATOR);
}
@@ -285,12 +279,6 @@ public class LocalFileLogBuffer<T> implements LogBuffer<T> {
boolean isCurrentFilename(String filename) {
return mBufferFilename != null && filename != null && filename.equals(mBufferFilename);
}
-
- private String toJson(T log) {
- String jsonString = mGsonBuilder.toJson(log) ;
-
- return jsonString;
- }
@Override
public String toString() {
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/efd3501d/agents-audit/src/main/java/com/xasecure/audit/provider/MiscUtil.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/com/xasecure/audit/provider/MiscUtil.java b/agents-audit/src/main/java/com/xasecure/audit/provider/MiscUtil.java
index c84fdf6..76b367a 100644
--- a/agents-audit/src/main/java/com/xasecure/audit/provider/MiscUtil.java
+++ b/agents-audit/src/main/java/com/xasecure/audit/provider/MiscUtil.java
@@ -9,17 +9,29 @@ import java.util.Date;
import org.apache.log4j.helpers.LogLog;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+
public class MiscUtil {
public static final String TOKEN_HOSTNAME = "%hostname%";
public static final String TOKEN_APP_INSTANCE = "%app-instance%";
public static final String TOKEN_CREATE_TIME_START = "%create-time:";
public static final String TOKEN_CREATE_TIME_END = "%";
public static final String ESCAPE_STR = "\\";
-
+
static VMID sJvmID = new VMID();
-
+
public static String LINE_SEPARATOR = System.getProperty("line.separator");
+ private static Gson sGsonBuilder = null;
+
+ static {
+ try {
+ sGsonBuilder = new GsonBuilder().create();
+ } catch(Throwable excp) {
+ }
+ }
+
public static String replaceTokens(String str) {
if(str == null) {
return str;
@@ -121,10 +133,10 @@ public class MiscUtil {
return lastRolloverTime;
}
}
-
+
public static int parseInteger(String str, int defValue) {
int ret = defValue;
-
+
if(str != null) {
try {
ret = Integer.parseInt(str);
@@ -132,8 +144,21 @@ public class MiscUtil {
// ignore
}
}
-
+
return ret;
}
-}
+ public static <T> String stringify(T log) {
+ String ret = null;
+
+ if(log != null) {
+ if(MiscUtil.sGsonBuilder != null) {
+ ret = MiscUtil.sGsonBuilder.toJson(log);
+ } else {
+ ret = log.toString();
+ }
+ }
+
+ return ret;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/efd3501d/agents-audit/src/main/java/com/xasecure/audit/provider/hdfs/HdfsLogDestination.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/com/xasecure/audit/provider/hdfs/HdfsLogDestination.java b/agents-audit/src/main/java/com/xasecure/audit/provider/hdfs/HdfsLogDestination.java
index 7567962..fbc0431 100644
--- a/agents-audit/src/main/java/com/xasecure/audit/provider/hdfs/HdfsLogDestination.java
+++ b/agents-audit/src/main/java/com/xasecure/audit/provider/hdfs/HdfsLogDestination.java
@@ -142,7 +142,7 @@ public class HdfsLogDestination<T> implements LogDestination<T> {
if(writer != null) {
try {
- writer.write(log);
+ writer.write(log + MiscUtil.LINE_SEPARATOR);
ret = true;
} catch (IOException excp) {
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/efd3501d/hbase-agent/conf/xasecure-audit-changes.cfg
----------------------------------------------------------------------
diff --git a/hbase-agent/conf/xasecure-audit-changes.cfg b/hbase-agent/conf/xasecure-audit-changes.cfg
index dd4b70b..66beb58 100644
--- a/hbase-agent/conf/xasecure-audit-changes.cfg
+++ b/hbase-agent/conf/xasecure-audit-changes.cfg
@@ -1,6 +1,18 @@
+xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT.DB.JDBC_URL% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.user %XAAUDIT.DB.USER_NAME% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.password crypted mod create-if-not-exists
xasecure.audit.repository.name %REPOSITORY_NAME% mod create-if-not-exists
xasecure.audit.credential.provider.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.driver %XAAUDIT.DB.JDBC_DRIVER% mod create-if-not-exists
+
+xasecure.audit.hdfs.is.enabled %XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.directroy %XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.file %XAAUDIT.HDFS.DESTINTATION_FILE% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.rollover.interval.seconds %XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.open.retry.interval.seconds %XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.directroy %XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.file %XAAUDIT.HDFS.LOCAL_BUFFER_FILE% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds %XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.archive.directroy %XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.archive.max.file.count %XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT% mod create-if-not-exists
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/efd3501d/hbase-agent/scripts/install.properties
----------------------------------------------------------------------
diff --git a/hbase-agent/scripts/install.properties b/hbase-agent/scripts/install.properties
index fa963ec..bfc5292 100644
--- a/hbase-agent/scripts/install.properties
+++ b/hbase-agent/scripts/install.properties
@@ -103,5 +103,21 @@ UPDATE_XAPOLICIES_ON_GRANT_REVOKE=true
# XAAUDIT.DB.JDBC_URL=jdbc:oracle:thin:@//127.0.0.1:1521/XE
# XAAUDIT.DB.JDBC_DRIVER=oracle.jdbc.OracleDriver
+XAAUDIT.DB.IS_ENABLED=true
XAAUDIT.DB.JDBC_URL=jdbc:mysql://localhost:3306/xasecure
XAAUDIT.DB.JDBC_DRIVER=com.mysql.jdbc.Driver
+
+
+#
+# Audit to HDFS
+#
+XAAUDIT.HDFS.IS_ENABLED=false
+XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://localhost:8020/audit/hbase/%create-time:yyyyMMdd%
+XAAUDIT.HDFS.DESTINTATION_FILE=%hostname%-audit.log
+XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS=86400
+XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS=60
+XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/tmp/logs/hbase
+XAAUDIT.HDFS.LOCAL_BUFFER_FILE=%create-time:yyyyMMdd-HHmm.ss%.log
+XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
+XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/tmp/logs/archive/hbase
+XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/efd3501d/hdfs-agent/conf/xasecure-audit-changes.cfg
----------------------------------------------------------------------
diff --git a/hdfs-agent/conf/xasecure-audit-changes.cfg b/hdfs-agent/conf/xasecure-audit-changes.cfg
index dd4b70b..66beb58 100644
--- a/hdfs-agent/conf/xasecure-audit-changes.cfg
+++ b/hdfs-agent/conf/xasecure-audit-changes.cfg
@@ -1,6 +1,18 @@
+xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT.DB.JDBC_URL% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.user %XAAUDIT.DB.USER_NAME% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.password crypted mod create-if-not-exists
xasecure.audit.repository.name %REPOSITORY_NAME% mod create-if-not-exists
xasecure.audit.credential.provider.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.driver %XAAUDIT.DB.JDBC_DRIVER% mod create-if-not-exists
+
+xasecure.audit.hdfs.is.enabled %XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.directroy %XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.file %XAAUDIT.HDFS.DESTINTATION_FILE% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.rollover.interval.seconds %XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.open.retry.interval.seconds %XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.directroy %XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.file %XAAUDIT.HDFS.LOCAL_BUFFER_FILE% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds %XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.archive.directroy %XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.archive.max.file.count %XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT% mod create-if-not-exists
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/efd3501d/hdfs-agent/scripts/install.properties
----------------------------------------------------------------------
diff --git a/hdfs-agent/scripts/install.properties b/hdfs-agent/scripts/install.properties
index 07f181a..73643b8 100644
--- a/hdfs-agent/scripts/install.properties
+++ b/hdfs-agent/scripts/install.properties
@@ -96,5 +96,21 @@ SSL_TRUSTSTORE_PASSWORD=changeit
# XAAUDIT.DB.JDBC_URL=jdbc:oracle:thin:@//127.0.0.1:1521/XE
# XAAUDIT.DB.JDBC_DRIVER=oracle.jdbc.OracleDriver
+XAAUDIT.DB.IS_ENABLED=true
XAAUDIT.DB.JDBC_URL=jdbc:mysql://localhost:3306/xasecure
XAAUDIT.DB.JDBC_DRIVER=com.mysql.jdbc.Driver
+
+
+#
+# Audit to HDFS
+#
+XAAUDIT.HDFS.IS_ENABLED=false
+XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://localhost:8020/audit/hdfs/%create-time:yyyyMMdd%
+XAAUDIT.HDFS.DESTINTATION_FILE=%hostname%-audit.log
+XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS=86400
+XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS=60
+XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/tmp/logs/hdfs
+XAAUDIT.HDFS.LOCAL_BUFFER_FILE=%create-time:yyyyMMdd-HHmm.ss%.log
+XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
+XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/tmp/logs/archive/hdfs
+XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/efd3501d/hive-agent/conf/xasecure-audit-changes.cfg
----------------------------------------------------------------------
diff --git a/hive-agent/conf/xasecure-audit-changes.cfg b/hive-agent/conf/xasecure-audit-changes.cfg
index 42ed849..0ae94fb 100644
--- a/hive-agent/conf/xasecure-audit-changes.cfg
+++ b/hive-agent/conf/xasecure-audit-changes.cfg
@@ -1,6 +1,18 @@
+xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT.DB.JDBC_URL% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.user %XAAUDIT.DB.USER_NAME% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.password crypted mod create-if-not-exists
xasecure.audit.repository.name %REPOSITORY_NAME% mod create-if-not-exists
xasecure.audit.credential.provider.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.driver %XAAUDIT.DB.JDBC_DRIVER% mod create-if-not-exists
+
+xasecure.audit.hdfs.is.enabled %XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.directroy %XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.file %XAAUDIT.HDFS.DESTINTATION_FILE% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.rollover.interval.seconds %XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.open.retry.interval.seconds %XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.directroy %XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.file %XAAUDIT.HDFS.LOCAL_BUFFER_FILE% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds %XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.archive.directroy %XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.archive.max.file.count %XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT% mod create-if-not-exists
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/efd3501d/hive-agent/scripts/install.properties
----------------------------------------------------------------------
diff --git a/hive-agent/scripts/install.properties b/hive-agent/scripts/install.properties
index 1ef9c22..436c53d 100644
--- a/hive-agent/scripts/install.properties
+++ b/hive-agent/scripts/install.properties
@@ -103,5 +103,21 @@ UPDATE_XAPOLICIES_ON_GRANT_REVOKE=true
# XAAUDIT.DB.JDBC_URL=jdbc:oracle:thin:@//127.0.0.1:1521/XE
# XAAUDIT.DB.JDBC_DRIVER=oracle.jdbc.OracleDriver
+XAAUDIT.DB.IS_ENABLED=true
XAAUDIT.DB.JDBC_URL=jdbc:mysql://localhost:3306/xasecure
XAAUDIT.DB.JDBC_DRIVER=com.mysql.jdbc.Driver
+
+
+#
+# Audit to HDFS
+#
+XAAUDIT.HDFS.IS_ENABLED=false
+XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://localhost:8020/audit/hive/%create-time:yyyyMMdd%
+XAAUDIT.HDFS.DESTINTATION_FILE=%hostname%-audit.log
+XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS=86400
+XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS=60
+XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/tmp/logs/hive
+XAAUDIT.HDFS.LOCAL_BUFFER_FILE=%create-time:yyyyMMdd-HHmm.ss%.log
+XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
+XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/tmp/logs/archive/hive
+XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/efd3501d/knox-agent/conf/xasecure-audit-changes.cfg
----------------------------------------------------------------------
diff --git a/knox-agent/conf/xasecure-audit-changes.cfg b/knox-agent/conf/xasecure-audit-changes.cfg
index 22a4da7..9e0340e 100644
--- a/knox-agent/conf/xasecure-audit-changes.cfg
+++ b/knox-agent/conf/xasecure-audit-changes.cfg
@@ -1,5 +1,17 @@
+xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT.DB.JDBC_URL% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.user %XAAUDIT.DB.USER_NAME% mod create-if-not-exists
xasecure.audit.credential.provider.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists
xasecure.audit.repository.name %REPOSITORY_NAME% mod create-if-not-exists
-xasecure.audit.jpa.javax.persistence.jdbc.driver %XAAUDIT.DB.JDBC_DRIVER% mod create-if-not-exists
\ No newline at end of file
+xasecure.audit.jpa.javax.persistence.jdbc.driver %XAAUDIT.DB.JDBC_DRIVER% mod create-if-not-exists
+
+xasecure.audit.hdfs.is.enabled %XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.directroy %XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.file %XAAUDIT.HDFS.DESTINTATION_FILE% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.rollover.interval.seconds %XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.open.retry.interval.seconds %XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.directroy %XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.file %XAAUDIT.HDFS.LOCAL_BUFFER_FILE% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds %XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.archive.directroy %XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.archive.max.file.count %XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT% mod create-if-not-exists
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/efd3501d/knox-agent/scripts/install.properties
----------------------------------------------------------------------
diff --git a/knox-agent/scripts/install.properties b/knox-agent/scripts/install.properties
index f84168d..3f9aa33 100644
--- a/knox-agent/scripts/install.properties
+++ b/knox-agent/scripts/install.properties
@@ -89,5 +89,21 @@ SSL_TRUSTSTORE_PASSWORD=changeit
# XAAUDIT.DB.JDBC_URL=jdbc:oracle:thin:@//127.0.0.1:1521/XE
# XAAUDIT.DB.JDBC_DRIVER=oracle.jdbc.OracleDriver
+XAAUDIT.DB.IS_ENABLED=true
XAAUDIT.DB.JDBC_URL=jdbc:mysql://localhost:3306/xasecure
XAAUDIT.DB.JDBC_DRIVER=com.mysql.jdbc.Driver
+
+
+#
+# Audit to HDFS
+#
+XAAUDIT.HDFS.IS_ENABLED=false
+XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://localhost:8020/audit/knox/%create-time:yyyyMMdd%
+XAAUDIT.HDFS.DESTINTATION_FILE=%hostname%-audit.log
+XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS=86400
+XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS=60
+XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/tmp/logs/knox
+XAAUDIT.HDFS.LOCAL_BUFFER_FILE=%create-time:yyyyMMdd-HHmm.ss%.log
+XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
+XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/tmp/logs/archive/knox
+XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/efd3501d/storm-agent/conf/xasecure-audit-changes.cfg
----------------------------------------------------------------------
diff --git a/storm-agent/conf/xasecure-audit-changes.cfg b/storm-agent/conf/xasecure-audit-changes.cfg
index f0c1050..68a2484 100644
--- a/storm-agent/conf/xasecure-audit-changes.cfg
+++ b/storm-agent/conf/xasecure-audit-changes.cfg
@@ -1,6 +1,18 @@
+xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT.DB.JDBC_URL% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.user %XAAUDIT.DB.USER_NAME% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.password crypted mod create-if-not-exists
xasecure.audit.repository.name %REPOSITORY_NAME% mod create-if-not-exists
xasecure.audit.credential.provider.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists
xasecure.audit.jpa.javax.persistence.jdbc.driver %XAAUDIT.DB.JDBC_DRIVER% mod create-if-not-exists
+
+xasecure.audit.hdfs.is.enabled %XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.directroy %XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.file %XAAUDIT.HDFS.DESTINTATION_FILE% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.rollover.interval.seconds %XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.destination.open.retry.interval.seconds %XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.directroy %XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.file %XAAUDIT.HDFS.LOCAL_BUFFER_FILE% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds %XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.archive.directroy %XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY% mod create-if-not-exists
+xasecure.audit.hdfs.config.local.archive.max.file.count %XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT% mod create-if-not-exists
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/efd3501d/storm-agent/scripts/install.properties
----------------------------------------------------------------------
diff --git a/storm-agent/scripts/install.properties b/storm-agent/scripts/install.properties
index 359f66b..8e0ec8f 100644
--- a/storm-agent/scripts/install.properties
+++ b/storm-agent/scripts/install.properties
@@ -93,5 +93,21 @@ SSL_TRUSTSTORE_PASSWORD=changeit
# XAAUDIT.DB.JDBC_URL=jdbc:oracle:thin:@//127.0.0.1:1521/XE
# XAAUDIT.DB.JDBC_DRIVER=oracle.jdbc.OracleDriver
+XAAUDIT.DB.IS_ENABLED=true
XAAUDIT.DB.JDBC_URL=jdbc:mysql://localhost:3306/xasecure
XAAUDIT.DB.JDBC_DRIVER=com.mysql.jdbc.Driver
+
+
+#
+# Audit to HDFS
+#
+XAAUDIT.HDFS.IS_ENABLED=false
+XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://localhost:8020/audit/storm/%create-time:yyyyMMdd%
+XAAUDIT.HDFS.DESTINTATION_FILE=%hostname%-audit.log
+XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS=86400
+XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS=60
+XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/tmp/logs/storm
+XAAUDIT.HDFS.LOCAL_BUFFER_FILE=%create-time:yyyyMMdd-HHmm.ss%.log
+XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
+XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/tmp/logs/archive/storm
+XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10