-
Notifications
You must be signed in to change notification settings - Fork 3.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HBASE-25558:Adding audit log for execMasterService #3101
Conversation
🎊 +1 overall
This message was automatically generated. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same comment as posted in previous PR: If you want to add an audit log, you should use the AUDITLOG
logger, instead of LOG
.
changed to AUDITLOG |
💔 -1 overall
This message was automatically generated. |
💔 -1 overall
This message was automatically generated. |
💔 -1 overall
This message was automatically generated. |
💔 -1 overall
This message was automatically generated. |
💔 -1 overall
This message was automatically generated. |
🎊 +1 overall
This message was automatically generated. |
🎊 +1 overall
This message was automatically generated. |
💔 -1 overall
This message was automatically generated. |
String remoteAddress = RpcServer.getRemoteAddress().map(InetAddress::toString).orElse(""); | ||
User caller = RpcServer.getRequestUser().orElse(null); | ||
AUDITLOG.info("User {} (remote address: {}) master service request for {}.{}", caller, | ||
remoteAddress, serviceName, methodName); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we log more than methodName or perhaps methodName is what we usually put in audit log?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
methodName is what we usually put in audit log. We need to know what method is called by client when we are attacked!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was hoping for more than just method name if possible... like region name or table name if possible?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have checked the related code, there is no easy way to obtain infomration like region name or table name
Rerunning. Failures look unrelated. One comment above otherwise. |
🎊 +1 overall
This message was automatically generated. |
🎊 +1 overall
This message was automatically generated. |
🎊 +1 overall
This message was automatically generated. |
Signed-off-by: stack <stack@apache.org>
Signed-off-by: stack <stack@apache.org>
Hi:
I have found that in APIs, like execProcedure and execProcedureWithRet, have audit log to record who execute the master service. The log can be like:
LOG.info(master.getClientIdAuditPrefix() + " procedure request for: " + desc.getSignature());`
But it seems that we forget to audit execMasterService. We should add one.
old request is #2937