Analyze Big Data Platforms For Security and Performance

HDFS Authorization Activity Monitoring Quick Start

HDFS can audit service-level authorization activity

Sample authorization logs

2016-06-08 02:55:07,742 INFO Authorization successful for hdfs (auth:SIMPLE) for protocol=interface org.apache.hadoop.hdfs.protocol.ClientProtocol
2016-06-08 02:55:35,304 INFO Authorization successful for hdfs (auth:SIMPLE) for protocol=interface org.apache.hadoop.hdfs.server.protocol.NamenodeProtocol
2016-06-08 02:55:36,862 INFO Authorization successful for hive (auth:SIMPLE) for protocol=interface org.apache.hadoop.hdfs.protocol.ClientProtocol

Steps for enabling service-level authorization activity

1. Enable HDFS Authorization Security in core-site.xml


2. Enable HDFS security log in

#Security audit appender
log4j.appender.DRFAS.layout.ConversionPattern=%d{ISO8601} %p %c: %m%n
Copyright © 2015 The Apache Software Foundation, Licensed under the Apache License, Version 2.0.
Apache Eagle, Eagle, Apache Hadoop, Hadoop, Apache HBase, HBase, Apache Hive, Hive, Apache Ambari, Ambari, Apache Spark, Spark, Apache Kafka, Kafka, Apache Storm, Storm, Apache Maven, Maven, Apache Tomcat, Tomcat, Apache Derby, Derby, Apache Cassandra, Cassandra, Apache ZooKeeper, ZooKeeper, Apache, the Apache feather logo, and the Apache project logo are trademarks of The Apache Software Foundation.