Search in sources :

Example 1 with XXAccessAudit

use of org.apache.ranger.entity.XXAccessAudit in project ranger by apache.

the class DbToSolrMigrationUtil method migrateAuditDbLogsToSolr.

public void migrateAuditDbLogsToSolr() {
    System.out.println("Migration process is started..");
    long maxXXAccessAuditID = daoManager.getXXAccessAudit().getMaxIdOfXXAccessAudit();
    if (maxXXAccessAuditID == 0) {
        logger.info("Access Audit log does not exist.");
        System.out.println("Access Audit log does not exist in db.");
        return;
    }
    long maxMigratedID = 0;
    try {
        maxMigratedID = readMigrationStatusFile(CHECK_FILE_NAME);
    } catch (IOException ex) {
        logger.error("Failed to read migration status from file " + CHECK_FILE_NAME, ex);
    }
    logger.info("ID of the last available audit log: " + maxXXAccessAuditID);
    if (maxMigratedID > 0) {
        logger.info("ID of the last migrated audit log: " + maxMigratedID);
    }
    if (maxMigratedID >= maxXXAccessAuditID) {
        logger.info("No more DB Audit logs to migrate. Last migrated audit log ID: " + maxMigratedID);
        System.out.println("No more DB Audit logs to migrate. Last migrated audit log ID: " + maxMigratedID);
        return;
    }
    String db_flavor = AppConstants.getLabelFor_DatabaseFlavor(RangerBizUtil.getDBFlavor());
    logger.info("DB flavor: " + db_flavor);
    List<String> columnList = daoManager.getXXAccessAudit().getColumnNames(db_flavor);
    int auditTableVersion = 4;
    if (columnList != null) {
        if (columnList.contains("tags")) {
            auditTableVersion = 6;
        } else if (columnList.contains("seq_num") && columnList.contains("event_count") && columnList.contains("event_dur_ms")) {
            auditTableVersion = 5;
        }
    }
    logger.info("Columns Name:" + columnList);
    long maxRowsPerBatch = 10000;
    // To ceil the actual division result i.e noOfBatches=maxXXAccessAuditID/maxRowsPerBatch
    long noOfBatches = ((maxXXAccessAuditID - maxMigratedID) + maxRowsPerBatch - 1) / maxRowsPerBatch;
    long rangeStart = maxMigratedID;
    long rangeEnd = maxXXAccessAuditID - maxMigratedID <= maxRowsPerBatch ? maxXXAccessAuditID : rangeStart + maxRowsPerBatch;
    long startTimeInMS = 0;
    long timeTaken = 0;
    long lastMigratedID = 0;
    long totalMigratedLogs = 0;
    for (long index = 1; index <= noOfBatches; index++) {
        logger.info("Batch " + index + " of total " + noOfBatches);
        System.out.println("Processing batch " + index + " of total " + noOfBatches);
        startTimeInMS = System.currentTimeMillis();
        // rangeStart and rangeEnd both exclusive, if we add +1 in maxRange
        if (auditTableVersion == 4) {
            List<XXAccessAuditV4> xXAccessAuditV4List = daoManager.getXXAccessAudit().getByIdRangeV4(rangeStart, rangeEnd + 1);
            if (!CollectionUtils.isEmpty(xXAccessAuditV4List)) {
                for (XXAccessAuditV4 xXAccessAudit : xXAccessAuditV4List) {
                    if (xXAccessAudit != null) {
                        try {
                            send2solr(xXAccessAudit);
                            lastMigratedID = xXAccessAudit.getId();
                            totalMigratedLogs++;
                        } catch (Throwable e) {
                            logger.error("Error while writing audit log id '" + xXAccessAudit.getId() + "' to Solr.", e);
                            writeMigrationStatusFile(lastMigratedID, CHECK_FILE_NAME);
                            logger.info("Stopping migration process!");
                            System.out.println("Error while writing audit log id '" + xXAccessAudit.getId() + "' to Solr.");
                            System.out.println("Migration process failed, Please refer ranger_db_patch.log file.");
                            return;
                        }
                    }
                }
            }
        } else if (auditTableVersion == 5) {
            List<XXAccessAuditV5> xXAccessAuditV5List = daoManager.getXXAccessAudit().getByIdRangeV5(rangeStart, rangeEnd + 1);
            if (!CollectionUtils.isEmpty(xXAccessAuditV5List)) {
                for (XXAccessAuditV5 xXAccessAudit : xXAccessAuditV5List) {
                    if (xXAccessAudit != null) {
                        try {
                            send2solr(xXAccessAudit);
                            lastMigratedID = xXAccessAudit.getId();
                            totalMigratedLogs++;
                        } catch (Throwable e) {
                            logger.error("Error while writing audit log id '" + xXAccessAudit.getId() + "' to Solr.", e);
                            writeMigrationStatusFile(lastMigratedID, CHECK_FILE_NAME);
                            logger.info("Stopping migration process!");
                            System.out.println("Error while writing audit log id '" + xXAccessAudit.getId() + "' to Solr.");
                            System.out.println("Migration process failed, Please refer ranger_db_patch.log file.");
                            return;
                        }
                    }
                }
            }
        } else if (auditTableVersion == 6) {
            List<XXAccessAudit> xXAccessAuditV6List = daoManager.getXXAccessAudit().getByIdRangeV6(rangeStart, rangeEnd + 1);
            if (!CollectionUtils.isEmpty(xXAccessAuditV6List)) {
                for (XXAccessAudit xXAccessAudit : xXAccessAuditV6List) {
                    if (xXAccessAudit != null) {
                        try {
                            send2solr(xXAccessAudit);
                            lastMigratedID = xXAccessAudit.getId();
                            totalMigratedLogs++;
                        } catch (Throwable e) {
                            logger.error("Error while writing audit log id '" + xXAccessAudit.getId() + "' to Solr.", e);
                            writeMigrationStatusFile(lastMigratedID, CHECK_FILE_NAME);
                            logger.info("Stopping migration process!");
                            System.out.println("Error while writing audit log id '" + xXAccessAudit.getId() + "' to Solr.");
                            System.out.println("Migration process failed, Please refer ranger_db_patch.log file.");
                            return;
                        }
                    }
                }
            }
        }
        timeTaken = (System.currentTimeMillis() - startTimeInMS);
        logger.info("Batch #" + index + ": time taken:" + timeTaken + " ms");
        if (rangeEnd < maxXXAccessAuditID) {
            writeMigrationStatusFile(rangeEnd, CHECK_FILE_NAME);
        } else {
            writeMigrationStatusFile(maxXXAccessAuditID, CHECK_FILE_NAME);
        }
        rangeStart = rangeEnd;
        rangeEnd = rangeEnd + maxRowsPerBatch;
    }
    if (totalMigratedLogs > 0) {
        System.out.println("Total Number of Migrated Audit logs:" + totalMigratedLogs);
        logger.info("Total Number of Migrated Audit logs:" + totalMigratedLogs);
    }
    if (solrClient != null) {
        try {
            solrClient.close();
        } catch (IOException e) {
            logger.error("Error while closing solr connection", e);
        } finally {
            solrClient = null;
        }
    }
    System.out.println("Migration process finished!!");
}
Also used : XXAccessAudit(org.apache.ranger.entity.XXAccessAudit) XXAccessAuditV5(org.apache.ranger.entity.XXAccessAuditV5) XXAccessAuditV4(org.apache.ranger.entity.XXAccessAuditV4) ArrayList(java.util.ArrayList) List(java.util.List) IOException(java.io.IOException)

Example 2 with XXAccessAudit

use of org.apache.ranger.entity.XXAccessAudit in project ranger by apache.

the class XAccessAuditService method searchXAccessAudits.

/**
 * @param searchCriteria
 * @return
 */
public VXAccessAuditList searchXAccessAudits(SearchCriteria searchCriteria) {
    VXAccessAuditList returnList = new VXAccessAuditList();
    List<VXAccessAudit> xAccessAuditList = new ArrayList<VXAccessAudit>();
    List<XXAccessAudit> resultList = (List<XXAccessAudit>) searchResources(searchCriteria, searchFields, sortFields, returnList);
    final boolean hiveQueryVisibility = PropertiesUtil.getBooleanProperty("ranger.audit.hive.query.visibility", true);
    // Iterate over the result list and create the return list
    for (XXAccessAudit gjXAccessAudit : resultList) {
        VXAccessAudit vXAccessAudit = populateViewBean(gjXAccessAudit);
        if (vXAccessAudit != null) {
            if (StringUtils.equalsIgnoreCase(vXAccessAudit.getAclEnforcer(), RangerHadoopConstants.DEFAULT_XASECURE_MODULE_ACL_NAME)) {
                vXAccessAudit.setAclEnforcer(RangerHadoopConstants.DEFAULT_RANGER_MODULE_ACL_NAME);
            }
            if (!hiveQueryVisibility && "hive".equalsIgnoreCase(vXAccessAudit.getServiceType())) {
                vXAccessAudit.setRequestData(null);
            } else if ("hive".equalsIgnoreCase(vXAccessAudit.getServiceType()) && ("grant".equalsIgnoreCase(vXAccessAudit.getAccessType()) || "revoke".equalsIgnoreCase(vXAccessAudit.getAccessType()))) {
                try {
                    vXAccessAudit.setRequestData(java.net.URLDecoder.decode(vXAccessAudit.getRequestData(), "UTF-8"));
                } catch (UnsupportedEncodingException e) {
                    logger.warn("Error while encoding request data");
                }
            }
            xAccessAuditList.add(vXAccessAudit);
        }
    }
    returnList.setVXAccessAudits(xAccessAuditList);
    return returnList;
}
Also used : XXAccessAudit(org.apache.ranger.entity.XXAccessAudit) ArrayList(java.util.ArrayList) UnsupportedEncodingException(java.io.UnsupportedEncodingException) VXAccessAudit(org.apache.ranger.view.VXAccessAudit) ArrayList(java.util.ArrayList) List(java.util.List) VXAccessAuditList(org.apache.ranger.view.VXAccessAuditList) VXAccessAuditList(org.apache.ranger.view.VXAccessAuditList)

Aggregations

ArrayList (java.util.ArrayList)2 List (java.util.List)2 XXAccessAudit (org.apache.ranger.entity.XXAccessAudit)2 IOException (java.io.IOException)1 UnsupportedEncodingException (java.io.UnsupportedEncodingException)1 XXAccessAuditV4 (org.apache.ranger.entity.XXAccessAuditV4)1 XXAccessAuditV5 (org.apache.ranger.entity.XXAccessAuditV5)1 VXAccessAudit (org.apache.ranger.view.VXAccessAudit)1 VXAccessAuditList (org.apache.ranger.view.VXAccessAuditList)1