Migrate audit reports and processes to Ranger

In CDP, Ranger performs auditing against the data access policies defined for each service.

For example, if a Ranger policy allows only users from the Finance group to access a particular Hive database, Ranger audit information show when those users accessed the database successfully and when other users attempted to access the database and were denied. While the Ranger audit information are a significant subset of the audit information performed by Navigator, the format and content is different enough that Cloudera does not provide a migration path for Navigator audit information into the same repository as Ranger audit information.

When redirecting reports or processes to Ranger, you need to:

  • Identify the audited information: does an equivalent exist in Ranger?

  • Identify the method of accessing the audit data and map it to Ranger: Did the reporting application use the Navigator API? Did it access archived data or the Navigator audit database? Ranger provides an API to access audit information; audit data is written to HDFS (under /ranger/audit/<component name>). 30 days of audit records are indexed in Solr. The audit events are stored in a JSON format. For details, see Managing Auditing with Ranger.