Enable Audit Support for Kudu
At this time, auditing to HDFS is not supported. However, Solr auditing is enabled by default.
Any user with superuser privileges in Kudu (by default, the kudu and impala users) will not appear in audits, because superusers bypass Ranger policies.
To enable auditing, update the AMBARI_INFRA_SOLR server configuration:
/var/lib/ambari-agent/cache/common-services/AMBARI_INFRA_SOLR/2.7.6.0/package/scripts/params.py-default_ranger_audit_users = 'nn,hbase,hive,knox,kafka,kms,storm,yarn,nifi'+default_ranger_audit_users = 'nn,hbase,hive,knox,kafka,kms,storm,yarn,nifi,kudu' if security_enabled: kinit_path_local = status_params.kinit_path_local@@ -163,6 +163,7 @@ ranger_audit_principals.append(default('configurations/ranger-storm-audit/' + ranger_audit_principal_conf_key, 'storm')) ranger_audit_principals.append(default('configurations/ranger-yarn-audit/' + ranger_audit_principal_conf_key, 'yarn')) ranger_audit_principals.append(default('configurations/ranger-nifi-audit/' + ranger_audit_principal_conf_key, 'nifi'))+ ranger_audit_principals.append(default('configurations/ranger-kudu-audit/' + ranger_audit_principal_conf_key, 'kudu')) ranger_audit_names_from_principals = [ get_name_from_principal(x) for x in ranger_audit_principals ] default_ranger_audit_users = ','.join(ranger_audit_names_from_principals)Was this page helpful?