You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Ramesh Mani (Jira)" <ji...@apache.org> on 2021/12/08 08:20:00 UTC

[jira] [Updated] (RANGER-1841) Audit log record for 'use dbName' hive command contains large number of tags

     [ https://issues.apache.org/jira/browse/RANGER-1841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ramesh Mani updated RANGER-1841:
--------------------------------
    Fix Version/s: 0.7.0

> Audit log record for 'use dbName' hive command contains large number of tags
> ----------------------------------------------------------------------------
>
>                 Key: RANGER-1841
>                 URL: https://issues.apache.org/jira/browse/RANGER-1841
>             Project: Ranger
>          Issue Type: Bug
>          Components: plugins
>            Reporter: Madhan Neethiraj
>            Assignee: Abhay Kulkarni
>            Priority: Major
>             Fix For: 0.7.0
>
>
> When a Hive service is configured for tag-based authorization, the audit log generated for  ‘use dbName’ command would contain all the tags associated with: the database, all tables in the database, all the columns in the database. The number of tags in this audit log could be too many; and having such large number of tags in audit logs of 'use <dbName>' command may not be useful. It will be better not to log tags in audit logs for 'use <dbName>' commands. Policy-id recorded in the audit log can be used to identity the tag, if a tag-based policy  authorized the command.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)