This topic describes known issues and workarounds for using Ranger in this release of
Cloudera Runtime.
- CDPD-3296: Audit files for Ranger plugin components do not appear immediately in S3
after cluster creation
-
For Ranger plugin components (Atlas, Hive, HBase, etc.), audit data is updated when the
applicable audit file is rolled over. The default Ranger audit rollover time is 24
hours, so audit data appears 24 hours after cluster creation.
- Workaround:
To see the audit logs in S3 before the default rollover time of 24 hours, use the
following steps to override the default value in the Cloudera Manager safety valve for
the applicable service.
- On the Configuration tab in the applicable service, select
Advanced under CATEGORY.
- Click the + icon for the <service_name> Advanced
Configuration Snippet (Safety Valve) for
ranger-<service_name>-audit.xml property.
- Enter the following property in the Name box:
xasecure.audit.destination.hdfs.file.rollover.sec.
- Enter the desired rollover interval (in seconds) in the
Value box. For example, if you specify
180, the audit log data is updated every 3 minutes.
- Click Save Changes and restart the service.
