You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "Ramesh Mani (Jira)" <ji...@apache.org> on 2021/12/08 08:20:00 UTC
[jira] [Updated] (RANGER-1841) Audit log record for 'use dbName' hive command contains large number of tags
[ https://issues.apache.org/jira/browse/RANGER-1841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ramesh Mani updated RANGER-1841:
--------------------------------
Fix Version/s: 0.7.0
> Audit log record for 'use dbName' hive command contains large number of tags
> ----------------------------------------------------------------------------
>
> Key: RANGER-1841
> URL: https://issues.apache.org/jira/browse/RANGER-1841
> Project: Ranger
> Issue Type: Bug
> Components: plugins
> Reporter: Madhan Neethiraj
> Assignee: Abhay Kulkarni
> Priority: Major
> Fix For: 0.7.0
>
>
> When a Hive service is configured for tag-based authorization, the audit log generated for ‘use dbName’ command would contain all the tags associated with: the database, all tables in the database, all the columns in the database. The number of tags in this audit log could be too many; and having such large number of tags in audit logs of 'use <dbName>' command may not be useful. It will be better not to log tags in audit logs for 'use <dbName>' commands. Policy-id recorded in the audit log can be used to identity the tag, if a tag-based policy authorized the command.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)