Ranger KMS supports audit to DB, HDFS, and Solr. Solr is well-suited for short-term
auditing and UI access (for example, one month of data accessible via quick queries in the Web
UI). HDFS is typically used for archival auditing. They are not mutually exclusive; we
recommend configuring audit to both Solr and HDFS. First, make sure Ranger KMS logs are
enabled by following these steps.
- Go to the Ambari UI:
http://<gateway>:8080. - Select
ranger-kms from the service. - Click the Configs tab, and go to the accordion menu.
- In the Advanced ranger-kms-audit list, set
xasecure.audit.is.enabled
to true. - Select "Audit to Solr" and/or "Audit to HDFS", depending on which database(s) you plan to
use:
- Save the configuration and restart the Ranger KMS service.
- Check to see if the Ranger KMS Plugin is enabled:
-
Go to the Ranger UI:
http://<gateway>:6080.
-
Login with your keyadmin user ID and password (the defaults are
keyadmin, keyadmin). The default
repository will be added under KMS service.
-
Run a test connection for the service. You should see a ‘connected
successfully’ pop-up message. If the connection is not successful, make sure
that the configured user exists (in KDC for a secure cluster).
-
Choose the Audit > Plugin tab.
-
Check whether plugins are communicating. The UI should display
Http
Response code 200 for the respective plugin.
