
Example 1 with AuditHandler

use of org.apache.ranger.audit.provider.AuditHandler in project ranger by apache.

the class TestAuditQueue method testFileDestination.

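/**
 * Verifies that audit events logged through the file destination all reach the local log file,
 * exactly once each and in increasing sequence order.
 *
 * <p>The destination is configured as a batch queue with file spooling enabled. The test logs
 * {@code messageToSend} events, drains and stops the queue, then parses the log file line by line
 * and checks the event count, the summed event count and the ordering of sequence numbers.
 *
 * <p>Audit delivery is a security control, so this test must be able to fail: verification
 * failures are never swallowed, and a read error is reported as a test failure.
 */
@Test
public void testFileDestination() {
    logger.debug("testFileDestination()...");
    int messageToSend = 10;
    int batchSize = messageToSend / 3;
    int queueSize = messageToSend * 2;
    // Should be less than final sleep time
    int intervalMS = 500;
    String logFolderName = "target/testFileDestination";
    File logFolder = new File(logFolderName);
    String logFileName = "test_ranger_audit.log";
    File logFile = new File(logFolder, logFileName);
    Properties props = new Properties();
    // Destination
    String filePropPrefix = AuditProviderFactory.AUDIT_DEST_BASE + ".file";
    props.put(filePropPrefix, "enable");
    props.put(filePropPrefix + "." + AuditQueue.PROP_NAME, "file");
    props.put(filePropPrefix + "." + FileAuditDestination.PROP_FILE_LOCAL_DIR, logFolderName);
    props.put(filePropPrefix + "." + FileAuditDestination.PROP_FILE_LOCAL_FILE_NAME_FORMAT, "%app-type%_ranger_audit.log");
    props.put(filePropPrefix + "." + FileAuditDestination.PROP_FILE_FILE_ROLLOVER, "" + 10);
    props.put(filePropPrefix + "." + AuditQueue.PROP_QUEUE, "batch");
    String batchPropPrefix = filePropPrefix + "." + "batch";
    props.put(batchPropPrefix + "." + AuditQueue.PROP_BATCH_SIZE, "" + batchSize);
    props.put(batchPropPrefix + "." + AuditQueue.PROP_QUEUE_SIZE, "" + queueSize);
    props.put(batchPropPrefix + "." + AuditQueue.PROP_BATCH_INTERVAL, "" + intervalMS);
    // Enable File Spooling
    int destRetryMS = 10;
    props.put(batchPropPrefix + "." + AuditQueue.PROP_FILE_SPOOL_ENABLE, "" + true);
    props.put(batchPropPrefix + "." + AuditFileSpool.PROP_FILE_SPOOL_LOCAL_DIR, "target");
    props.put(batchPropPrefix + "." + AuditFileSpool.PROP_FILE_SPOOL_DEST_RETRY_MS, "" + destRetryMS);
    // The provider is built by the factory from the properties above rather than wired by hand
    // (destination -> batch queue), so the test exercises the same path a plugin would use.
    AuditProviderFactory factory = AuditProviderFactory.getInstance();
    factory.init(props, "test");
    AuditHandler queue = factory.getProvider();
    for (int i = 0; i < messageToSend; i++) {
        queue.log(createEvent());
    }
    // Give the batch queue at least one flush interval before draining it
    try {
        Thread.sleep(1000);
    } catch (InterruptedException e) {
        // Preserve the interrupt status instead of silently discarding it
        Thread.currentThread().interrupt();
    }
    queue.waitToComplete();
    queue.stop();
    queue.waitToComplete();
    assertTrue("File created", logFile.exists());
    List<AuthzAuditEvent> eventList = new ArrayList<AuthzAuditEvent>();
    int totalSum = 0;
    long lastSeq = -1;
    boolean outOfSeq = false;
    // try-with-resources closes the reader even when parsing throws.
    // NOTE(review): FileReader decodes with the platform default charset - confirm that this
    // matches the encoding the file destination writes with.
    try (BufferedReader br = new BufferedReader(new FileReader(logFile))) {
        String line;
        while ((line = br.readLine()) != null) {
            AuthzAuditEvent event = MiscUtil.fromJson(line, AuthzAuditEvent.class);
            eventList.add(event);
            totalSum += event.getEventCount();
            if (event.getSeqNum() <= lastSeq) {
                outOfSeq = true;
            }
            // Track the previous sequence number; without this update the check above only
            // ever compared against -1 and could not detect reordered or duplicated events.
            lastSeq = event.getSeqNum();
        }
    } catch (Exception e) {
        // Only Exception is caught: AssertionError must propagate, and a read or parse failure
        // has to fail the test rather than pass it.
        logger.error("Error opening file for reading.", e);
        throw new AssertionError("Error reading file. fileName=" + logFile + ", error=" + e.toString(), e);
    }
    assertEquals("Total count", messageToSend, eventList.size());
    assertEquals("Total sum", messageToSend, totalSum);
    assertFalse("Event not in sequnce", outOfSeq);
}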
Also used : AuditHandler(org.apache.ranger.audit.provider.AuditHandler) BaseAuditHandler(org.apache.ranger.audit.provider.BaseAuditHandler) ArrayList(java.util.ArrayList) Properties(java.util.Properties) AuthzAuditEvent(org.apache.ranger.audit.model.AuthzAuditEvent) BufferedReader(java.io.BufferedReader) FileReader(java.io.FileReader) AuditProviderFactory(org.apache.ranger.audit.provider.AuditProviderFactory) File(java.io.File) Test(org.junit.Test)

Example 2 with AuditHandler

use of org.apache.ranger.audit.provider.AuditHandler in project ranger by apache.

the class TestPolicyEngine method setUpBeforeClass.

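/**
 * Prepares shared fixtures for the policy-engine tests: the Gson instance used to read test
 * data, the audit provider, and a temporary site XML that is added to {@code RangerConfiguration}.
 *
 * <p>Audit properties are loaded from {@code xasecure-audit.properties} in the working directory
 * when that file exists; otherwise built-in defaults with audit disabled are used.
 *
 * @throws Exception if the properties file cannot be read or the temporary site file cannot be
 *     created or written
 */
@BeforeClass
public static void setUpBeforeClass() throws Exception {
    gsonBuilder = new GsonBuilder().setDateFormat("yyyyMMdd-HH:mm:ss.SSSZ").setPrettyPrinting().registerTypeAdapter(RangerAccessRequest.class, new RangerAccessRequestDeserializer()).registerTypeAdapter(RangerAccessResource.class, new RangerResourceDeserializer()).create();
    // For setting up auditProvider
    Properties auditProperties = new Properties();
    final String auditPropertiesFile = "xasecure-audit.properties";
    File propFile = new File(auditPropertiesFile);
    if (propFile.exists()) {
        System.out.println("Loading Audit properties file" + auditPropertiesFile);
        // Close the stream once loaded; the original left the file handle open.
        try (FileInputStream propStream = new FileInputStream(propFile)) {
            auditProperties.load(propStream);
        }
    } else {
        System.out.println("Audit properties file missing: " + auditPropertiesFile);
        // NOTE(review): the JDBC user/password below are hard-coded fixture values. Every audit
        // switch in this branch is "false", so they are presumably never used to connect -
        // confirm, and never reuse these values for a real audit database account.
        auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.url", "jdbc:mysql://node-1:3306/xasecure_audit");
        auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.user", "xalogger");
        auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.password", "xalogger");
        auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.driver", "com.mysql.jdbc.Driver");
        // Set this to true to enable audit logging
        auditProperties.setProperty("xasecure.audit.is.enabled", "false");
        auditProperties.setProperty("xasecure.audit.log4j.is.enabled", "false");
        auditProperties.setProperty("xasecure.audit.log4j.is.async", "false");
        auditProperties.setProperty("xasecure.audit.log4j.async.max.queue.size", "100000");
        auditProperties.setProperty("xasecure.audit.log4j.async.max.flush.interval.ms", "30000");
        auditProperties.setProperty("xasecure.audit.db.is.enabled", "false");
        auditProperties.setProperty("xasecure.audit.db.is.async", "false");
        auditProperties.setProperty("xasecure.audit.db.async.max.queue.size", "100000");
        auditProperties.setProperty("xasecure.audit.db.async.max.flush.interval.ms", "30000");
        auditProperties.setProperty("xasecure.audit.db.batch.size", "100");
    }
    // second parameter does not matter for v2
    AuditProviderFactory.getInstance().init(auditProperties, "hdfs");
    AuditHandler provider = AuditProviderFactory.getAuditProvider();
    System.out.println("provider=" + provider.toString());
    File file = File.createTempFile("ranger-admin-test-site", ".xml");
    file.deleteOnExit();
    /*
		// For setting up TestTagProvider

		writer.write("<configuration>\n" +
				"        <property>\n" +
				"                <name>ranger.plugin.tag.policy.rest.url</name>\n" +
				"                <value>http://os-def:6080</value>\n" +
				"        </property>\n" +
				"        <property>\n" +
				"                <name>ranger.externalurl</name>\n" +
				"                <value>http://os-def:6080</value>\n" +
				"        </property>\n" +
				"</configuration>\n");
				*/
    // The writer is closed even if the write fails, and the encoding is pinned so the site XML
    // does not depend on the platform default charset.
    try (OutputStreamWriter writer = new OutputStreamWriter(new FileOutputStream(file), "UTF-8")) {
        // For setting up x-forwarded-for for Hive. The trusted-proxy addresses are fixture
        // data; judging by the property names, this list decides which peers may supply
        // X-Forwarded-For, so a deployment should list only proxies it controls.
        writer.write("<configuration>\n"
                + "        <property>\n"
                + "                <name>ranger.plugin.hive.use.x-forwarded-for.ipaddress</name>\n"
                + "                <value>true</value>\n"
                + "        </property>\n"
                + "        <property>\n"
                + "                <name>ranger.plugin.hive.trusted.proxy.ipaddresses</name>\n"
                + "                <value>255.255.255.255; 128.101.101.101;128.101.101.99</value>\n"
                + "        </property>\n"
                + "        <property>\n"
                + "                <name>ranger.plugin.tag.attr.additional.date.formats</name>\n"
                + "                <value>abcd||xyz||yyyy/MM/dd'T'HH:mm:ss.SSS'Z'</value>\n"
                + "        </property>\n"
                + "</configuration>\n");
    }
    RangerConfiguration config = RangerConfiguration.getInstance();
    config.addResource(new org.apache.hadoop.fs.Path(file.toURI()));
}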
Also used : AuditHandler(org.apache.ranger.audit.provider.AuditHandler) RangerDefaultAuditHandler(org.apache.ranger.plugin.audit.RangerDefaultAuditHandler) GsonBuilder(com.google.gson.GsonBuilder) Properties(java.util.Properties) FileInputStream(java.io.FileInputStream) RangerConfiguration(org.apache.ranger.authorization.hadoop.config.RangerConfiguration) FileOutputStream(java.io.FileOutputStream) OutputStreamWriter(java.io.OutputStreamWriter) File(java.io.File) BeforeClass(org.junit.BeforeClass)

Example 3 with AuditHandler

use of org.apache.ranger.audit.provider.AuditHandler in project ranger by apache.

the class TestEvents method main.

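/**
 * Command-line driver that pushes a stream of test audit events through the configured audit
 * provider.
 *
 * <p>Audit properties are loaded from {@code xasecure-audit.properties} in the working directory
 * when that file exists; otherwise built-in defaults are used. Optional arguments override the
 * matching properties: {@code args[0]} event count (default 1024), {@code args[1]} pause between
 * events in milliseconds (default 0), {@code args[2]} seconds to wait before exiting (default 0).
 *
 * <p>The provider is always stopped before returning, including when event generation fails, so
 * that a failure does not leave the audit pipeline running with unflushed events.
 *
 * @param args optional overrides as described above
 */
public static void main(String[] args) {
    DOMConfigurator.configure("log4j.xml");
    LOG.info("==> TestEvents.main()");
    AuditHandler provider = null;
    try {
        Properties auditProperties = new Properties();
        final String auditPropertiesFile = "xasecure-audit.properties";
        File propFile = new File(auditPropertiesFile);
        if (propFile.exists()) {
            LOG.info("Loading Audit properties file" + auditPropertiesFile);
            // Close the stream once loaded; the original left the file handle open.
            try (FileInputStream propStream = new FileInputStream(propFile)) {
                auditProperties.load(propStream);
            }
        } else {
            LOG.info("Audit properties file missing: " + auditPropertiesFile);
            // NOTE(review): the JDBC user/password below are hard-coded fixture values; the db
            // destination is disabled in this branch, so they are presumably never used to
            // connect - confirm, and never reuse these values for a real audit database account.
            auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.url", "jdbc:mysql://localhost:3306/xa_db");
            auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.user", "xaaudit");
            auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.password", "xaaudit");
            auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.driver", "com.mysql.jdbc.Driver");
            auditProperties.setProperty("xasecure.audit.is.enabled", "true");
            auditProperties.setProperty("xasecure.audit.log4j.is.enabled", "false");
            auditProperties.setProperty("xasecure.audit.log4j.is.async", "false");
            auditProperties.setProperty("xasecure.audit.log4j.async.max.queue.size", "100000");
            auditProperties.setProperty("xasecure.audit.log4j.async.max.flush.interval.ms", "30000");
            auditProperties.setProperty("xasecure.audit.db.is.enabled", "false");
            auditProperties.setProperty("xasecure.audit.db.is.async", "true");
            auditProperties.setProperty("xasecure.audit.db.async.max.queue.size", "100000");
            auditProperties.setProperty("xasecure.audit.db.async.max.flush.interval.ms", "30000");
            auditProperties.setProperty("xasecure.audit.db.batch.size", "100");
        }
        AuditProviderFactory.getInstance().init(auditProperties, "hdfs");
        provider = AuditProviderFactory.getAuditProvider();
        LOG.info("provider=" + provider.toString());
        String strEventCount = args.length > 0 ? args[0] : auditProperties.getProperty("xasecure.audit.test.event.count");
        String strEventPauseTimeInMs = args.length > 1 ? args[1] : auditProperties.getProperty("xasecure.audit.test.event.pause.time.ms");
        String strSleepTimeBeforeExit = args.length > 2 ? args[2] : auditProperties.getProperty("xasecure.audit.test.sleep.time.before.exit.seconds");
        // A non-numeric value raises NumberFormatException, which is reported by the catch below.
        int eventCount = (strEventCount == null) ? 1024 : Integer.parseInt(strEventCount);
        int eventPauseTime = (strEventPauseTimeInMs == null) ? 0 : Integer.parseInt(strEventPauseTimeInMs);
        // Widen before multiplying so a large seconds value cannot overflow int.
        long sleepTimeBeforeExit = ((strSleepTimeBeforeExit == null) ? 0 : Integer.parseInt(strSleepTimeBeforeExit)) * 1000L;
        for (int i = 0; i < eventCount; i++) {
            AuditEventBase event = getTestEvent(i);
            LOG.info("==> TestEvents.main(" + (i + 1) + "): adding " + event.getClass().getName());
            provider.log(event);
            if (eventPauseTime > 0) {
                Thread.sleep(eventPauseTime);
            }
        }
        provider.waitToComplete();
        // So, at this point it is possible that few local log files haven't made to HDFS.
        if (sleepTimeBeforeExit > 0) {
            LOG.info("waiting for " + sleepTimeBeforeExit + "ms before exiting..");
            try {
                Thread.sleep(sleepTimeBeforeExit);
            } catch (InterruptedException excp) {
                LOG.info("error while waiting before exiting..");
                // Keep the interrupt status visible to whoever runs this thread
                Thread.currentThread().interrupt();
            }
        }
    } catch (InterruptedException excp) {
        Thread.currentThread().interrupt();
        LOG.error("TestEvents.main() interrupted", excp);
    } catch (Exception excp) {
        // Log through the logger with the stack trace instead of printStackTrace()
        LOG.error("TestEvents.main() failed", excp);
    } finally {
        // Stop the provider on every path; the original skipped this when an exception occurred.
        if (provider != null) {
            try {
                provider.stop();
            } catch (RuntimeException excp) {
                LOG.error("TestEvents.main(): failed to stop audit provider", excp);
            }
        }
    }
    LOG.info("<== TestEvents.main()");
}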
Also used : AuditHandler(org.apache.ranger.audit.provider.AuditHandler) AuditEventBase(org.apache.ranger.audit.model.AuditEventBase) Properties(java.util.Properties) File(java.io.File) FileInputStream(java.io.FileInputStream)
