You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Madhan Neethiraj <ma...@apache.org> on 2016/02/01 08:24:53 UTC
Re: Review Request 42601: RANGER-798 - Approach 1 : Handle different
timezone issue while saving audit logs to Solr
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/42601/#review117191
-----------------------------------------------------------
Fix it, then Ship it!
Ok to commit after updating for the comment below.
agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java (line 149)
<https://reviews.apache.org/r/42601/#comment178294>
"event != null" - not necessary. Please remove.
- Madhan Neethiraj
On Jan. 28, 2016, 1:12 p.m., Gautam Borad wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/42601/
> -----------------------------------------------------------
>
> (Updated Jan. 28, 2016, 1:12 p.m.)
>
>
> Review request for ranger, Alok Lal, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-798
> https://issues.apache.org/jira/browse/RANGER-798
>
>
> Repository: ranger
>
>
> Description
> -------
>
> **Problem Statement**:
> The current implementation of “auditEvent.getEventTime()” contains time in UTC and since it's a date object it will contain component machine's local timezone. When Solr receives this date object and timezone, it tries to convert it from given timezone to UTC timestamp, which leads to double conversion of actual time before it get stored in Solr.
>
> **Proposed Solution**:
> If we can provide server local time and timezone to Solr then Solr will convert the received time from given timezone to UTC.
> As an alternate solution, replaced getUTCDate() with new Date() object at various places for audit event time, all audit destination will receive local Date object, for Solr there will be no conversion on received Date object but for all other audit destination we need to convert the received Date value to UTC timestamp as audit logs are being stored in UTC timestamp for all service/component. If all destination thread are enabled then changing the received event object may create issue in other audit destination as same event object is refferred everywhere. Hence received event object attributes value are being copied in another local event object and the updated event time can be stored there, after this local event object will be used to convert that in JSON to write in HDFS, or can be persisted in DB.
>
>
> Diffs
> -----
>
> agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java d52a60a
> agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java 9586f73
> agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java fe50ca6
> hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java 5125af7
> hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAccessRequest.java 2ae4149
> hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java 0f13577
> plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java bb6a337
> plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java 04b8b91
> plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java a8ecf15
> plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java ab9b7a9
>
> Diff: https://reviews.apache.org/r/42601/diff/
>
>
> Testing
> -------
>
> Steps performed(after patch) :
> 1) Changed plugin system time zone to IST and restarted all components.
> 2) Initiated an HDFS audit event.
> 3) Checked event time of newly created audit log in Solr, Audit log event time was matching with UTC.
> 4) Checked event time in Ranger UI, newly generated Audit event is matching with current time.
> 5) Checked event time of newly created audit log in xa_access_audit table, Audit log event time was matching with UTC.
> 6) Checked event time of newly created audit log in HDFS logs, Audit log event time was matching with UTC.
>
> Note: Will test other services audit logs after this approach is reviewed.
>
>
> Thanks,
>
> Gautam Borad
>
>