You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@accumulo.apache.org by "Philip Young (JIRA)" <ji...@apache.org> on 2013/02/14 23:09:12 UTC

[jira] [Created] (ACCUMULO-1070) Improve the auditing messages that are generated from the server.

Philip Young created ACCUMULO-1070:
--------------------------------------

             Summary: Improve the auditing messages that are generated from the server.
                 Key: ACCUMULO-1070
                 URL: https://issues.apache.org/jira/browse/ACCUMULO-1070
             Project: Accumulo
          Issue Type: Improvement
          Components: master, tserver
    Affects Versions: 1.4.2
            Reporter: Philip Young
            Assignee: Eric Newton
             Fix For: 1.5.0


Auditing of all user interactions, including system administrators, is sometimes required by a companies so that they can retrospectively audit user interactions after a security breach. Currently, not all user operations on the Accumulo server are generating audit messages and if they are, not in a consistent manner. 

The audit created in the AuditedSecurityOperations class are not currently creating consistent messages when an user passes the operation validation to when they fail the operation validation.

Also, the Scan operations are not being audited and it would be very useful to know who has run scans and what those scans were, by including: the principal user, the column families, the ranges, etc.
 
I am intending to address both of these issues and submit a patch in the next week.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira