Configuring Ranger audit log storage to a local file
How to configure a service to write Ranger audit log records to a local file, in
addition to the default Solr and HDFS locations.
The Solr and HDFS audit destinations are intended to store short- and long-term audit
records respectively, by default. You can configure whether a service also stores
Ranger audit records in a local file destination. You may also further configure a
service by appending additional, service-specific configuration properties. To do
this, first modify ranger-<service_name>-audit.xml file, using Cloudera Manager.
Then, add additional appenders to the configuration. This topic shows how to add
appenders to the Hive service, for example.
Table 1. Ranger Audit Destination Configuration Parameters for services
Parameter Name
Description
Default Setting
Units
xasecure.audit.destination.log4j
controls whether Ranger writes audit records to a service
true
T/F
xasecure.audit.destination.log4j.logger
location at which you can access audit records written to
HDFS
rangerauditlogger
string
Configure Ranger Log4JAuditDestination.
From Cloudera Manager choose <service_name> > Configuration.
In Search, type
ranger-<service_name>-audit, then press
Return.
In Hive Service Advanced Configuration Snippet (Safety
Valve) for ranger-hive-audit.xml, click
+.
Add the following property/value:
Name
xasecure.audit.destination.log4j
Value
true
Click Save Changes (CTRL+S).
In Hive Service Advanced Configuration Snippet (Safety
Valve) for ranger-hive-audit.xml, click
+.
Add the following property/value
Name
xasecure.audit.destination.log4j.logger
Value
rangerauditlogger
Click Save Changes (CTRL+S).
Configure HIVE log4 for ranger audit log appender.
Add the following properties to the configuration: (?? HiveServer2 Logging
Advanced Configuration Snippet (Safety Valve) ??)