
Example 11 with AuthzAuditEvent

use of org.apache.ranger.audit.model.AuthzAuditEvent in project ranger by apache.

the class RangerHiveAuditHandler method createAuditEvents.

/**
 * Collapses a batch of access results into the audit events to record.
 *
 * <p>Results that are not flagged for auditing are skipped. Allowed results are grouped by
 * policy id: the first result for a policy creates the event, and later results for the same
 * policy append their column to that event's resource path (comma separated) and merge their
 * tags into it.
 *
 * <p>Audit-coverage caveats worth knowing when reading the output:
 * <ul>
 *   <li>Scanning stops at the first denied result that yields a non-null event, so results
 *       after it are never examined and further denials in the same batch are not recorded.</li>
 *   <li>When a denial is found, the allowed events collected so far are dropped; only the
 *       single denied event is returned.</li>
 *   <li>Allowed events are taken from a {@link HashMap}, so their order is unspecified.</li>
 * </ul>
 *
 * @param results access results to summarise
 * @return the single denied event if one was produced, otherwise one event per policy id
 */
List<AuthzAuditEvent> createAuditEvents(Collection<RangerAccessResult> results) {
    Map<Long, AuthzAuditEvent> eventsByPolicy = new HashMap<>();
    AuthzAuditEvent denied = null;

    for (RangerAccessResult accessResult : results) {
        if (!accessResult.getIsAudited()) {
            continue;
        }

        if (!accessResult.getIsAllowed()) {
            denied = createAuditEvent(accessResult);
            if (denied != null) {
                // A denial ends the scan; everything after it is left unexamined.
                break;
            }
            continue;
        }

        long policyId = accessResult.getPolicyId();
        AuthzAuditEvent existing = eventsByPolicy.get(policyId);
        if (existing == null) {
            // First approval attributed to this policy: start a new event for it.
            // Null events are never stored, so a null lookup always means "not seen yet".
            AuthzAuditEvent created = createAuditEvent(accessResult);
            if (created != null) {
                eventsByPolicy.put(policyId, created);
            }
            continue;
        }

        // Same policy as an earlier approval: fold this column into the existing event.
        RangerHiveAccessRequest hiveRequest = (RangerHiveAccessRequest) accessResult.getAccessRequest();
        RangerHiveResource hiveResource = (RangerHiveResource) hiveRequest.getResource();
        // String concatenation: a null column is written as the literal text "null".
        existing.setResourcePath(existing.getResourcePath() + "," + hiveResource.getColumn());
        Set<String> requestTags = getTags(hiveRequest);
        if (requestTags != null) {
            existing.getTags().addAll(requestTags);
        }
    }

    if (denied != null) {
        return Lists.newArrayList(denied);
    }
    return new ArrayList<>(eventsByPolicy.values());
}
Also used : RangerAccessResult(org.apache.ranger.plugin.policyengine.RangerAccessResult) AuthzAuditEvent(org.apache.ranger.audit.model.AuthzAuditEvent)

Example 12 with AuthzAuditEvent

use of org.apache.ranger.audit.model.AuthzAuditEvent in project ranger by apache.

the class TestAuditQueue method testFileDestination.

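/**
 * Sends a fixed number of audit events through a batch queue backed by a file destination
 * (with file spooling enabled) and checks that every event reaches the log file, exactly
 * once and in increasing sequence order.
 *
 * <p>The verification is written so that it can fail: a read or parse error fails the test,
 * the count and ordering assertions run outside any catch block, and the last sequence
 * number seen is tracked so the ordering check compares consecutive events. An audit
 * pipeline test that cannot fail would hide lost or reordered audit records.
 */
@Test
public void testFileDestination() {
    logger.debug("testFileDestination()...");
    int messageToSend = 10;
    int batchSize = messageToSend / 3;
    int queueSize = messageToSend * 2;
    // Should be less than final sleep time
    int intervalMS = 500;
    String logFolderName = "target/testFileDestination";
    File logFolder = new File(logFolderName);
    String logFileName = "test_ranger_audit.log";
    File logFile = new File(logFolder, logFileName);
    Properties props = new Properties();
    // Destination
    String filePropPrefix = AuditProviderFactory.AUDIT_DEST_BASE + ".file";
    props.put(filePropPrefix, "enable");
    props.put(filePropPrefix + "." + AuditQueue.PROP_NAME, "file");
    props.put(filePropPrefix + "." + FileAuditDestination.PROP_FILE_LOCAL_DIR, logFolderName);
    props.put(filePropPrefix + "." + FileAuditDestination.PROP_FILE_LOCAL_FILE_NAME_FORMAT, "%app-type%_ranger_audit.log");
    props.put(filePropPrefix + "." + FileAuditDestination.PROP_FILE_FILE_ROLLOVER, "" + 10);
    props.put(filePropPrefix + "." + AuditQueue.PROP_QUEUE, "batch");
    String batchPropPrefix = filePropPrefix + "." + "batch";
    props.put(batchPropPrefix + "." + AuditQueue.PROP_BATCH_SIZE, "" + batchSize);
    props.put(batchPropPrefix + "." + AuditQueue.PROP_QUEUE_SIZE, "" + queueSize);
    props.put(batchPropPrefix + "." + AuditQueue.PROP_BATCH_INTERVAL, "" + intervalMS);
    // Enable File Spooling
    int destRetryMS = 10;
    props.put(batchPropPrefix + "." + AuditQueue.PROP_FILE_SPOOL_ENABLE, "" + true);
    props.put(batchPropPrefix + "." + AuditFileSpool.PROP_FILE_SPOOL_LOCAL_DIR, "target");
    props.put(batchPropPrefix + "." + AuditFileSpool.PROP_FILE_SPOOL_DEST_RETRY_MS, "" + destRetryMS);
    AuditProviderFactory factory = AuditProviderFactory.getInstance();
    factory.init(props, "test");
    AuditHandler queue = factory.getProvider();
    for (int i = 0; i < messageToSend; i++) {
        queue.log(createEvent());
    }
    // Give the batch interval (intervalMS) time to elapse before draining the queue.
    try {
        Thread.sleep(1000);
    } catch (InterruptedException e) {
        // Keep the interrupt visible to the test runner instead of discarding it.
        Thread.currentThread().interrupt();
    }
    queue.waitToComplete();
    queue.stop();
    queue.waitToComplete();
    assertTrue("File created", logFile.exists());

    List<AuthzAuditEvent> eventList = new ArrayList<AuthzAuditEvent>();
    int totalSum = 0;
    // Widened to long so it can hold the sequence number whichever integral type it has.
    long lastSeq = -1;
    boolean outOfSeq = false;
    try {
        BufferedReader br = new BufferedReader(new FileReader(logFile));
        try {
            String line;
            while ((line = br.readLine()) != null) {
                AuthzAuditEvent event = MiscUtil.fromJson(line, AuthzAuditEvent.class);
                eventList.add(event);
                totalSum += event.getEventCount();
                if (event.getSeqNum() <= lastSeq) {
                    outOfSeq = true;
                }
                // Remember this event so the next one is compared against it.
                lastSeq = event.getSeqNum();
            }
        } finally {
            // Release the file handle even when a line fails to parse.
            br.close();
        }
    } catch (Exception e) {
        logger.error("Error opening file for reading.", e);
        // A file that cannot be read or parsed means the audit output is unverified: fail.
        assertTrue("Error reading file. fileName=" + logFile + ", error=" + e.toString(), false);
    }

    // Assertions sit outside the try block so their failures are never swallowed.
    assertEquals("Total count", messageToSend, eventList.size());
    assertEquals("Total sum", messageToSend, totalSum);
    assertFalse("Event not in sequnce", outOfSeq);
}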
Also used : AuditHandler(org.apache.ranger.audit.provider.AuditHandler) BaseAuditHandler(org.apache.ranger.audit.provider.BaseAuditHandler) ArrayList(java.util.ArrayList) Properties(java.util.Properties) AuthzAuditEvent(org.apache.ranger.audit.model.AuthzAuditEvent) BufferedReader(java.io.BufferedReader) FileReader(java.io.FileReader) AuditProviderFactory(org.apache.ranger.audit.provider.AuditProviderFactory) File(java.io.File) Test(org.junit.Test)

Example 13 with AuthzAuditEvent

use of org.apache.ranger.audit.model.AuthzAuditEvent in project ranger by apache.

the class TestAuditQueue method createEvent.

/**
 * Builds an otherwise empty audit event stamped with the next sequence number.
 *
 * <p>The {@code seqNum} counter is pre-incremented on every call, so successive events get
 * strictly increasing numbers. The increment is not synchronized here; presumably this is
 * only called from the test thread (confirm against the enclosing class).
 *
 * @return a new event whose only populated field is its sequence number
 */
private AuthzAuditEvent createEvent() {
    AuthzAuditEvent auditEvent = new AuthzAuditEvent();
    auditEvent.setSeqNum(++seqNum);
    return auditEvent;
}
Also used : AuthzAuditEvent(org.apache.ranger.audit.model.AuthzAuditEvent)

Example 14 with AuthzAuditEvent

use of org.apache.ranger.audit.model.AuthzAuditEvent in project ranger by apache.

the class TestConsumer method logJSON.

/**
 * Test consumer hook: parses one JSON-encoded audit event and records it.
 *
 * <p>While the consumer is marked down nothing is counted or stored and {@code false} is
 * returned. Otherwise the call is counted first, then the payload is parsed, its event count
 * is added to the running sum, and the event is kept in {@code eventList}.
 *
 * <p>NOTE(review): the parse result is dereferenced without a null check; whether
 * {@code MiscUtil.fromJson} can return null for malformed input is not visible here.
 * The raw payload is also written to the log verbatim at INFO level, which is acceptable
 * for a test consumer but would expose audit contents if this were reused elsewhere.
 *
 * @param jsonStr JSON form of an {@code AuthzAuditEvent}
 * @return {@code true} if the event was accepted, {@code false} if the consumer is down
 */
@Override
public boolean logJSON(String jsonStr) {
    final boolean accepted = !isDown;
    if (accepted) {
        // Counted before parsing, so a payload that fails to parse still bumps the total.
        countTotal++;
        AuthzAuditEvent parsed = MiscUtil.fromJson(jsonStr, AuthzAuditEvent.class);
        sumTotal += parsed.getEventCount();
        logger.info("JSON:" + jsonStr);
        eventList.add(parsed);
    }
    return accepted;
}
Also used : AuthzAuditEvent(org.apache.ranger.audit.model.AuthzAuditEvent)

Example 15 with AuthzAuditEvent

use of org.apache.ranger.audit.model.AuthzAuditEvent in project ranger by apache.

the class TestConsumer method log.

/*
	 * (non-Javadoc)
	 *
	 * @see org.apache.ranger.audit.provider.AuditProvider#log(org.apache.ranger
	 * .audit.model.AuditEventBase)
	 */
// Test consumer hook: records one audit event.
// Returns false without counting anything while the consumer is marked down.
// Otherwise every call is counted and true is returned, but only AuthzAuditEvent
// instances contribute to the running sum and are kept in eventList; any other
// event type is acknowledged and then dropped.
@Override
public boolean log(AuditEventBase event) {
    final boolean accepted = !isDown;
    if (accepted) {
        countTotal++;
        if (event instanceof AuthzAuditEvent) {
            AuthzAuditEvent authzEvent = (AuthzAuditEvent) event;
            sumTotal += authzEvent.getEventCount();
            // Relies on the event's toString(); the full event is written to the log.
            logger.info("EVENT:" + event);
            eventList.add(authzEvent);
        }
    }
    return accepted;
}
Also used : AuthzAuditEvent(org.apache.ranger.audit.model.AuthzAuditEvent)
