apache/kyuubi
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity
083fd383ae
kyuubi/conf/log4j2.xml.template
fwang12 083fd383ae [KYUUBI #3951] Support to audit the authentication http request 
### _Why are the changes needed?_

Support to audit the http request.
```
08:10:43.231 INFO AuthenticationAuditLogger: user=fwang12(auth:BASIC)	ip=192.168.3.159	proxyIp=null	method=GET	uri=/api/v1/sessions/count	protocol=HTTP/1.1	status=200
08:10:43.265 INFO AuthenticationAuditLogger: user=null(auth:BASIC)	ip=192.168.3.159	proxyIp=null	method=GET	uri=/api/v1/sessions/count	protocol=HTTP/1.1	status=403
08:10:43.273 INFO AuthenticationAuditLogger: user=null(auth:null)	ip=192.168.3.159	proxyIp=null	method=GET	uri=/api/v1/sessions/count	protocol=HTTP/1.1	status=401
08:10:43.320 INFO AuthenticationAuditLogger: user=client(auth:NEGOTIATE)	ip=192.168.3.159	proxyIp=null	method=GET	uri=/api/v1/sessions/count	protocol=HTTP/1.1	status=200
08:10:43.324 INFO AuthenticationAuditLogger: user=null(auth:NEGOTIATE)	ip=192.168.3.159	proxyIp=null	method=GET	uri=/api/v1/sessions/count	protocol=HTTP/1.1	status=403
08:10:43.331 INFO AuthenticationAuditLogger: user=null(auth:null)	ip=192.168.3.159	proxyIp=null	method=GET	uri=/api/v1/sessions/count	protocol=HTTP/1.1	status=401
08:10:47.940 INFO AuthenticationAuditLogger: user=client(auth:NEGOTIATE)	ip=192.168.3.159	proxyIp=null	method=POST	uri=/api/v1/sessions	protocol=HTTP/1.1	status=200
08:10:47.999 INFO AuthenticationAuditLogger: user=client(auth:NEGOTIATE)	ip=192.168.3.159	proxyIp=null	method=DELETE	uri=/api/v1/sessions/86d3e4f5-2739-4759-9320-82a29914ab63	protocol=HTTP/1.1	status=200
```

### _How was this patch tested?_
- [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible

- [x] Add screenshots for manual tests if appropriate
<img width="1658" alt="image" src="https://user-images.githubusercontent.com/6757692/206594391-090594f5-a0dc-460a-ae05-e09bd938f6d7.png">

- [ ] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request

Closes #3951 from turboFei/batch_log.

Closes #3951

1f1c313d [fwang12] md
30b6e6d6 [fwang12] refactor log
db2dff8a [fwang12] refactor
c8e532f2 [fwang12] log format
a8aa7825 [fwang12] update log4j2 xml
22905186 [fwang12] log4j2
629f93b9 [fwang12] add year
db783eaa [fwang12] add log4j pattern
697f02fa [fwang12] save
e9cd0bfc [fwang12] audit rest log

Authored-by: fwang12 <fwang12@ebay.com>
Signed-off-by: fwang12 <fwang12@ebay.com>
2022-12-09 20:58:43 +08:00

63 lines
2.8 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Licensed to the Apache Software Foundation (ASF) under one or more
~ contributor license agreements. See the NOTICE file distributed with
~ this work for additional information regarding copyright ownership.
~ The ASF licenses this file to You under the Apache License, Version 2.0
~ (the "License"); you may not use this file except in compliance with
~ the License. You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<!-- Provide log4j2.xml.template to fix `ERROR Filters contains invalid attributes "onMatch", "onMismatch"`, see KYUUBI-2247 -->
<!-- Extra logging related to initialization of Log4j.
Set to debug or trace if log4j initialization is failing. -->
<Configuration status="INFO">
<Properties>
<Property name="restAuditLogPath">rest-audit.log</Property>
<Property name="restAuditLogFilePattern">rest-audit-%d{yyyy-MM-dd}-%i.log</Property>
</Properties>
<Appenders>
<Console name="stdout" target="SYSTEM_OUT">
<PatternLayout pattern="%d{yyyy-MM-dd HH:mm:ss.SSS} %p %c: %m%n"/>
<Filters>
<RegexFilter regex=".*Thrift error occurred during processing of message.*" onMatch="DENY" onMismatch="NEUTRAL"/>
</Filters>
</Console>
<RollingFile name="restAudit" fileName="${sys:restAuditLogPath}"
filePattern="${sys:restAuditLogFilePattern}">
<PatternLayout pattern="%d{yyyy-MM-dd HH:mm:ss.SSS} %p %c{1}: %m%n"/>
<Policies>
<SizeBasedTriggeringPolicy size="51200KB" />
</Policies>
<DefaultRolloverStrategy max="10"/>
</RollingFile>
</Appenders>
<Loggers>
<Root level="INFO">
<AppenderRef ref="stdout"/>
</Root>
<Logger name="org.apache.kyuubi.ctl.ServiceControlCli" level="error" additivity="false">
<AppenderRef ref="stdout"/>
</Logger>
<!--
<Logger name="org.apache.kyuubi.server.mysql.codec" level="trace" additivity="false">
<AppenderRef ref="stdout"/>
</Logger>
-->
<Logger name="org.apache.hive.beeline.KyuubiBeeLine" level="error" additivity="false">
<AppenderRef ref="stdout"/>
</Logger>
<Logger name="org.apache.kyuubi.server.http.authentication.AuthenticationAuditLogger" additivity="false">
<AppenderRef ref="restAudit" />
</Logger>
</Loggers>
</Configuration>
Reference in New Issue View Git Blame Copy Permalink