Viewing Ranger access audits
Apache Ranger audits help Data Stewards to identify and track the policies affecting the Apache Atlas entities over a period of time. More specifically, the accesses and the relevant policies can be also identified.
Information about the Apache Ranger policy audit events are displayed for each entity in the Asset Details. Using this information, Data Stewards can distinguish between policies originating from Ranger to have an overview of all users accessing (or being prevented from accessing) an entity. They can also use this to troubleshoot access issues.
On the Asset Details page, the Access Audits tab displays information related to the selected entity type and about the events that occurred based on the user activities trying to access the entity.
Clicking on Access Audits tab, you can view manage information about:
- The relevant Ranger policy ID
- The time when the entity access was attempted
- The user who accessed the specific entity (or was being barred from accessing it)
- The resource type accessed
- The access type
- For example, by Hive entities the following filter options are available
- SELECT
- UPDATE
- CREATE
- DROP
- ALTER
- INDEX
- READ
- WRITE
- For example, by Hive entities the following filter options are available
- The access attempt result
- ALLOWED
- DENIED
- The client IP
The accesses can be identified for:
- Created entities and related updates
- Tagged entities
- Labeled entities
For example, the following image displays the entity creation event recorded for a Hive table: