Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(ranger-plugins): enable log4j for auditlogs #834

Merged
merged 1 commit into from
May 3, 2024
Merged

feat(ranger-plugins): enable log4j for auditlogs #834

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions roles/hadoop/common/templates/log4j.properties.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -309,3 +309,13 @@ log4j.appender.EWMA.maxUniqueMessages=${yarn.ewma.maxUniqueMessages}

# Log levels of third-party libraries
log4j.logger.org.apache.commons.beanutils=WARN

{% if enable_ranger_audit_log4j and ranger_audit_file is defined %}
ranger.logger=INFO,console,RANGERAUDIT
log4j.logger.xaaudit=${ranger.logger}
log4j.appender.RANGERAUDIT=org.apache.log4j.DailyRollingFileAppender
log4j.appender.RANGERAUDIT.File={{ ranger_audit_file }}
log4j.appender.RANGERAUDIT.layout=org.apache.log4j.PatternLayout
log4j.appender.RANGERAUDIT.layout.ConversionPattern={{ tdp_auditlog_layout_pattern }}
#log4j.appender.RANGERAUDIT.DatePattern=.yyyy-MM-dd
{% endif %}
7 changes: 7 additions & 0 deletions roles/hbase/common/templates/hbase/install_hbase.properties.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,13 @@ XAAUDIT.SOLR.MAX_QUEUE_SIZE=1
XAAUDIT.SOLR.MAX_FLUSH_INTERVAL_MS=1000
XAAUDIT.SOLR.SOLR_URL=http://localhost:6083/solr/ranger_audits

{% if enable_ranger_audit_log4j %}
# log4j audit
XAAUDIT.LOG4J.IS_ENABLED=true
XAAUDIT.LOG4J.DESTINATION=true
XAAUDIT.LOG4J.DESTINATION.LOGGER=xaaudit
{% endif %}

#
# SSL Client Certificate Information
#
Expand Down
10 changes: 10 additions & 0 deletions roles/hbase/common/templates/hbase/log4j.properties.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -122,3 +122,13 @@ log4j.logger.org.apache.hadoop.hbase.zookeeper.ZKWatcher=${hbase.log.level}
log4j.logger.org.apache.hadoop.metrics2.impl.MetricsConfig=WARN
log4j.logger.org.apache.hadoop.metrics2.impl.MetricsSinkAdapter=WARN
log4j.logger.org.apache.hadoop.metrics2.impl.MetricsSystemImpl=WARN

{% if enable_ranger_audit_log4j and ranger_audit_file is defined %}
ranger.logger=INFO,console,RANGERAUDIT
log4j.logger.xaaudit=${ranger.logger}
log4j.appender.RANGERAUDIT=org.apache.log4j.DailyRollingFileAppender
log4j.appender.RANGERAUDIT.File={{ ranger_audit_file }}
log4j.appender.RANGERAUDIT.layout=org.apache.log4j.PatternLayout
log4j.appender.RANGERAUDIT.layout.ConversionPattern={{ tdp_auditlog_layout_pattern }}
#log4j.appender.RANGERAUDIT.DatePattern=.yyyy-MM-dd
{% endif %}
2 changes: 2 additions & 0 deletions roles/hbase/master/tasks/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,8 @@
owner: root
group: root
mode: "644"
vars:
ranger_audit_file: "{{ hbase_log_dir }}/{{ hbase_master_ranger_audit_file }}"

- name: Render hbase-site.xml
kpgtek marked this conversation as resolved.
Show resolved Hide resolved
ansible.builtin.template:
Expand Down
12 changes: 12 additions & 0 deletions roles/hbase/ranger/tasks/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,19 @@
dest: "{{ hbase_install_dir }}/conf"
state: link

- name: Enable log4j audit in ranger-hive-audit.xml
ansible.builtin.blockinfile:
path: "{{ ranger_hbase_install_dir }}/install/conf.templates/enable/ranger-hbase-audit-changes.cfg"
marker: "# {mark} ANSIBLE MANAGED BLOCK : log4j audit logs"
insertbefore: "^AZURE.ACCOUNTNAME"
block: |
xasecure.audit.log4j.is.enabled %XAAUDIT.LOG4J.IS_ENABLED% mod create-if-not-exists
xasecure.audit.destination.log4j %XAAUDIT.LOG4J.DESTINATION% mod create-if-not-exists
xasecure.audit.destination.log4j.logger %XAAUDIT.LOG4J.DESTINATION.LOGGER% mod create-if-not-exists

when: enable_ranger_audit_log4j
kpgtek marked this conversation as resolved.
Show resolved Hide resolved

- name: Run enable-hbase-plugin.sh

Check warning on line 39 in roles/hbase/ranger/tasks/config.yml

View workflow job for this annotation

GitHub Actions / ansible-lint

no-changed-when 

Commands should not change things if nothing needs doing.
ansible.builtin.shell: |
export JAVA_HOME={{ java_home }}
./enable-hbase-plugin.sh
Expand Down
2 changes: 2 additions & 0 deletions roles/hbase/regionserver/tasks/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,8 @@
owner: root
group: root
mode: "644"
vars:
ranger_audit_file: "{{ hbase_log_dir }}/{{ hbase_rs_ranger_audit_file }}"

- name: Render hbase-site.xml
ansible.builtin.template:
Expand Down
8 changes: 7 additions & 1 deletion roles/hdfs/common/templates/install_hdfs.properties.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,12 +103,18 @@ XAAUDIT.HDFS.LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS=60
XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10

#Solr Audit Provder
#Solr Audit Provider
XAAUDIT.SOLR.IS_ENABLED=false
XAAUDIT.SOLR.MAX_QUEUE_SIZE=1
XAAUDIT.SOLR.MAX_FLUSH_INTERVAL_MS=1000
XAAUDIT.SOLR.SOLR_URL=http://localhost:6083/solr/ranger_audits

{% if enable_ranger_audit_log4j %}
# log4j audit
XAAUDIT.LOG4J.IS_ENABLED=true
XAAUDIT.LOG4J.DESTINATION=true
XAAUDIT.LOG4J.DESTINATION.LOGGER=xaaudit
{% endif %}

#
# SSL Client Certificate Information
Expand Down
2 changes: 2 additions & 0 deletions roles/hdfs/namenode/tasks/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,8 @@
owner: root
group: root
mode: "644"
vars:
ranger_audit_file: "{{ hdfs_log_dir }}/{{ hadoop_hdfs_ranger_audit_file }}"

- name: Template HDFS ZKFC service file
ansible.builtin.template:
Expand Down
18 changes: 18 additions & 0 deletions roles/hdfs/ranger/tasks/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,9 +33,27 @@
line: 'ranger.plugin.hdfs.policy.rest.ssl.config.file {{ hadoop_nn_conf_dir }}/ranger-policymgr-ssl.xml \2'
backrefs: true

- name: Enable log4j audit in ranger-hdfs-audit.xml
ansible.builtin.blockinfile:
path: "{{ ranger_hdfs_install_dir }}/install/conf.templates/enable/ranger-hdfs-audit-changes.cfg"
marker: "# {mark} ANSIBLE MANAGED BLOCK : log4j audit logs"
insertbefore: "^AZURE.ACCOUNTNAME"
block: |
xasecure.audit.log4j.is.enabled %XAAUDIT.LOG4J.IS_ENABLED% mod create-if-not-exists
xasecure.audit.destination.log4j %XAAUDIT.LOG4J.DESTINATION% mod create-if-not-exists
xasecure.audit.destination.log4j.logger %XAAUDIT.LOG4J.DESTINATION.LOGGER% mod create-if-not-exists

when: enable_ranger_audit_log4j
kpgtek marked this conversation as resolved.
Show resolved Hide resolved

- name: Run enable-hdfs-plugin.sh
ansible.builtin.shell: |
export JAVA_HOME={{ java_home }}
./enable-hdfs-plugin.sh
args:
chdir: "{{ ranger_hdfs_install_dir }}"

- name: Reestablish symbolic link from etc/hadoop in {{ hadoop_install_dir }} to {{ hadoop_client_conf_dir }}
ansible.builtin.file:
src: "{{ hadoop_client_conf_dir }}"
dest: "{{ hadoop_install_dir }}/etc/hadoop"
state: link
2 changes: 1 addition & 1 deletion roles/hive/common/templates/hive-env.sh.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ if [ "$SERVICE" = "hiveserver2" ]; then
# Setting for HiveServer2 and Client
export HADOOP_HEAPSIZE="{{ hive_hs2_heapsize }}"
export HADOOP_LOGS_OPTS="-Dhive.log.dir={{ hive_log_dir }} -Dhive.log.file={{ hive_s2_log_file }} -Dhive.log.level={{ hive_root_logger_level }} -Dhive.root.logger={{ hive_root_logger }}"
export HADOOP_GC_OPTS="-Xloggc:{{ hive_log_dir }}/hiveserver2-gc-%t.log -XX:+UseG1GC -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -XX:+PrintGCCause -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=10 -XX:GCLogFileSize=10M -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath={{ hive_log_dir }}/hs2_heapdump.hprof"
export HADOOP_GC_OPTS="-Xloggc:{{ hive_log_dir }}/hiveserver2-gc-%t.log -XX:+UseG1GC -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -XX:+PrintGCCause -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=10 -XX:GCLogFileSize=10M -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath={{ hive_log_dir }}/hs2_heapdump.hprof"
export HADOOP_OPTS="$HADOOP_OPTS $JMX_OPTS ${HADOOP_LOGS_OPTS}"

fi
Expand Down
28 changes: 26 additions & 2 deletions roles/hive/common/templates/hive-log4j2.properties.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,8 @@ property.hive.log.file = hive.log
property.hive.perflogger.log.level = INFO

# list of all appenders
appenders = {{ hive_root_logger }}
appenders = {%- if enable_ranger_audit_log4j %} RANGERAUDIT, {% endif %}{{ hive_root_logger }}


# console appender
appender.console.type = Console
Expand All @@ -52,7 +53,7 @@ appender.RFA.strategy.max = {{ hive_log_rfa_maxbackupindex }}
appender.DRFA.type = RollingRandomAccessFile
appender.DRFA.name = DRFA
appender.DRFA.fileName = ${sys:hive.log.dir}/${sys:hive.log.file}
appender.DRFA.filePattern = ${sys:hive.log.dir}/${sys:hive.log.file}.{{ hive_log_drfa_date_pattern }}
appender.DRFA.filePattern = ${sys:hive.log.dir}/${sys:hive.log.file}.{{ hive_log_drfa_date_pattern }}
appender.DRFA.layout.type = PatternLayout
appender.DRFA.layout.pattern = {{ hive_log_layout_pattern }}
appender.DRFA.policies.type = Policies
Expand All @@ -62,8 +63,31 @@ appender.DRFA.policies.timebased.modulate = false
appender.DRFA.strategy.type = DefaultRolloverStrategy
appender.DRFA.strategy.max = {{ hive_log_drfa_maxbackupindex }}

{% if enable_ranger_audit_log4j %}
appender.RANGERAUDIT.type = RollingRandomAccessFile
appender.RANGERAUDIT.name = RANGERAUDIT
appender.RANGERAUDIT.fileName = ${sys:hive.log.dir}/{{ hive_ranger_audit_file }}
appender.RANGERAUDIT.filePattern = ${sys:hive.log.dir}/{{ hive_ranger_audit_file }}.{{ hive_log_drfa_date_pattern }}
appender.RANGERAUDIT.layout.type = PatternLayout
appender.RANGERAUDIT.layout.pattern = {{ tdp_auditlog_layout_pattern }}
appender.RANGERAUDIT.policies.type = Policies
appender.RANGERAUDIT.policies.timebased.type = TimeBasedTriggeringPolicy
appender.RANGERAUDIT.policies.timebased.interval = 1
appender.RANGERAUDIT.policies.timebased.modulate = false
appender.RANGERAUDIT.strategy.type = DefaultRolloverStrategy
appender.RANGERAUDIT.strategy.max = {{ hive_log_drfa_maxbackupindex }}
{% endif %}

# list of all loggers
loggers = NIOServerCnxn, ClientCnxnSocketNIO, DataNucleus, Datastore, JPOX, PerfLogger, AmazonAws, ApacheHttp
{%- if enable_ranger_audit_log4j %}, xaaudit{% endif %}


{% if enable_ranger_audit_log4j %}
logger.xaaudit.name = xaaudit
logger.xaaudit.level = INFO
logger.xaaudit.appenderRef.RANGERAUDIT.ref = RANGERAUDIT
{% endif %}

logger.NIOServerCnxn.name = org.apache.zookeeper.server.NIOServerCnxn
logger.NIOServerCnxn.level = WARN
Expand Down
7 changes: 7 additions & 0 deletions roles/hive/common/templates/install.properties.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,13 @@ XAAUDIT.SOLR.MAX_QUEUE_SIZE=1
XAAUDIT.SOLR.MAX_FLUSH_INTERVAL_MS=1000
XAAUDIT.SOLR.SOLR_URL=http://localhost:6083/solr/ranger_audits

{% if enable_ranger_audit_log4j %}
# log4j audit
XAAUDIT.LOG4J.IS_ENABLED=true
XAAUDIT.LOG4J.DESTINATION=true
XAAUDIT.LOG4J.DESTINATION.LOGGER=xaaudit
{% endif %}

#
# SSL Client Certificate Information
#
Expand Down
13 changes: 13 additions & 0 deletions roles/hive/ranger/tasks/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,19 @@
line: 'ranger.plugin.hive.policy.rest.ssl.config.file {{ hive_s2_conf_dir }}/ranger-policymgr-ssl.xml \2'
backrefs: true

- name: Enable log4j audit in ranger-hive-audit.xml
ansible.builtin.blockinfile:
path: "{{ ranger_hive_install_dir }}/install/conf.templates/enable/ranger-hive-audit-changes.cfg"
marker: "# {mark} ANSIBLE MANAGED BLOCK : log4j audit logs"
insertbefore: "^AZURE.ACCOUNTNAME"
block: |
xasecure.audit.log4j.is.enabled %XAAUDIT.LOG4J.IS_ENABLED% mod create-if-not-exists
xasecure.audit.destination.log4j %XAAUDIT.LOG4J.DESTINATION% mod create-if-not-exists
xasecure.audit.destination.log4j.logger %XAAUDIT.LOG4J.DESTINATION.LOGGER% mod create-if-not-exists

when: enable_ranger_audit_log4j
kpgtek marked this conversation as resolved.
Show resolved Hide resolved


- name: Run enable-hive-plugin.sh
ansible.builtin.shell: |
export JAVA_HOME={{ java_home }}
Expand Down
11 changes: 11 additions & 0 deletions roles/knox/common/templates/gateway-log4j.properties.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,3 +104,14 @@ log4j.appender.KNOXAGENT.File=${app.log.dir}/${ranger.knoxagent.log.file}
log4j.appender.KNOXAGENT.layout=org.apache.log4j.PatternLayout
log4j.appender.KNOXAGENT.layout.ConversionPattern=%d{ISO8601} %p %c{2}: %m%n %L
log4j.appender.KNOXAGENT.DatePattern=.yyyy-MM-dd


{% if enable_ranger_audit_log4j %}
ranger.logger=INFO,console,RANGERAUDIT
log4j.logger.xaaudit=${ranger.logger}
log4j.appender.RANGERAUDIT=org.apache.log4j.DailyRollingFileAppender
log4j.appender.RANGERAUDIT.File={{ knox_log_dir }}/{{ knox_ranger_audit_file }}
log4j.appender.RANGERAUDIT.layout=org.apache.log4j.PatternLayout
log4j.appender.RANGERAUDIT.layout.ConversionPattern={{ tdp_auditlog_layout_pattern }}
#log4j.appender.RANGERAUDIT.DatePattern=.yyyy-MM-dd
{% endif %}
7 changes: 7 additions & 0 deletions roles/knox/common/templates/install.properties.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,13 @@ XAAUDIT.SOLR.MAX_QUEUE_SIZE=1
XAAUDIT.SOLR.MAX_FLUSH_INTERVAL_MS=1000
XAAUDIT.SOLR.SOLR_URL=http://localhost:6083/solr/ranger_audits

{% if enable_ranger_audit_log4j %}
# log4j audit
XAAUDIT.LOG4J.IS_ENABLED=true
XAAUDIT.LOG4J.DESTINATION=true
XAAUDIT.LOG4J.DESTINATION.LOGGER=xaaudit
{% endif %}

#
# SSL Client Certificate Information
#
Expand Down
12 changes: 12 additions & 0 deletions roles/knox/ranger/tasks/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,18 @@
line: 'ranger.plugin.knox.policy.rest.ssl.config.file /etc/knox/conf/ranger-policymgr-ssl.xml \2'
backrefs: true

- name: Enable log4j audit in ranger-hive-audit.xml
ansible.builtin.blockinfile:
path: "{{ ranger_knox_install_dir }}/install/conf.templates/enable/ranger-knox-audit-changes.cfg"
marker: "# {mark} ANSIBLE MANAGED BLOCK : log4j audit logs"
insertbefore: "^AZURE.ACCOUNTNAME"
block: |
xasecure.audit.log4j.is.enabled %XAAUDIT.LOG4J.IS_ENABLED% mod create-if-not-exists
xasecure.audit.destination.log4j %XAAUDIT.LOG4J.DESTINATION% mod create-if-not-exists
xasecure.audit.destination.log4j.logger %XAAUDIT.LOG4J.DESTINATION.LOGGER% mod create-if-not-exists

when: enable_ranger_audit_log4j
kpgtek marked this conversation as resolved.
Show resolved Hide resolved

- name: Run enable-knox-plugin.sh
ansible.builtin.shell: |
export JAVA_HOME={{ java_home }}
Expand Down
7 changes: 7 additions & 0 deletions roles/yarn/common/templates/install_yarn.properties.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,12 @@ XAAUDIT.SOLR.MAX_QUEUE_SIZE=1
XAAUDIT.SOLR.MAX_FLUSH_INTERVAL_MS=1000
XAAUDIT.SOLR.SOLR_URL=http://localhost:6083/solr/ranger_audits

{% if enable_ranger_audit_log4j %}
# log4j audit
XAAUDIT.LOG4J.IS_ENABLED=true
XAAUDIT.LOG4J.DESTINATION=true
XAAUDIT.LOG4J.DESTINATION.LOGGER=xaaudit
{% endif %}

#
# SSL Client Certificate Information
Expand Down Expand Up @@ -138,3 +144,4 @@ CUSTOM_USER=yarn
# CUSTOM_COMPONENT_GROUP=<custom-group>
# keep blank if component group is default
CUSTOM_GROUP=hadoop

18 changes: 18 additions & 0 deletions roles/yarn/ranger/tasks/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,9 +34,27 @@
line: 'ranger.plugin.yarn.policy.rest.ssl.config.file /etc/hadoop/conf.rm/ranger-policymgr-ssl.xml \2'
backrefs: true

- name: Enable log4j audit in ranger-hive-audit.xml
ansible.builtin.blockinfile:
path: "{{ ranger_yarn_install_dir }}/install/conf.templates/enable/ranger-yarn-audit-changes.cfg"
marker: "# {mark} ANSIBLE MANAGED BLOCK : log4j audit logs"
insertbefore: "^AZURE.ACCOUNTNAME"
block: |
xasecure.audit.log4j.is.enabled %XAAUDIT.LOG4J.IS_ENABLED% mod create-if-not-exists
xasecure.audit.destination.log4j %XAAUDIT.LOG4J.DESTINATION% mod create-if-not-exists
xasecure.audit.destination.log4j.logger %XAAUDIT.LOG4J.DESTINATION.LOGGER% mod create-if-not-exists

when: enable_ranger_audit_log4j
kpgtek marked this conversation as resolved.
Show resolved Hide resolved

- name: Run enable-yarn-plugin.sh
ansible.builtin.shell: |
export JAVA_HOME={{ java_home }}
./enable-yarn-plugin.sh
args:
chdir: "{{ ranger_yarn_install_dir }}"

- name: Reestablish symbolic link from etc/hadoop in {{ hadoop_install_dir }} to {{ hadoop_client_conf_dir }}
ansible.builtin.file:
src: "{{ hadoop_client_conf_dir }}"
dest: "{{ hadoop_install_dir }}/etc/hadoop"
state: link
2 changes: 2 additions & 0 deletions roles/yarn/resourcemanager/tasks/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,8 @@
owner: root
group: root
mode: "644"
vars:
ranger_audit_file: "{{ yarn_log_dir }}/{{ hadoop_yarn_ranger_audit_file }}"


- name: Render core-site.xml
Expand Down
12 changes: 10 additions & 2 deletions tdp_vars_defaults/tdp-cluster/tdp-cluster.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@

# Directory where TDP component releases are located locally
binaries_local_dir: "{{ lookup('env', 'PWD') }}/files"
# Directory where TDP component releases are uploaded for each host
# Directory where TDP component releases are uploaded for each host
binaries_upload_dir: /tmp

# Name of the cluster. Used as HDFS nameservice and YARN cluster ID
Expand Down Expand Up @@ -164,10 +164,12 @@ exporter_hdfs_httpfs_http_port: 18122
#################################
# Service & Component logs dirs #
#################################
# format : log4j 1.x "%d{ISO8601}" is not fully compliant with ISO8601 standard
# format : log4j 1.x "%d{ISO8601}" is not fully compliant with ISO8601 standard
# (no 'T' as date/time separator) we specify it here.
tdp_date_iso8601_with_tz: "%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}"
tdp_log_layout_pattern: '{{ tdp_date_iso8601_with_tz }} - %-5p [%t:%C{1}@%L] - %m%n'
enable_ranger_audit_log4j: true
tdp_auditlog_layout_pattern: '%m%n'

hadoop_log_dir: /var/log/hadoop

Expand All @@ -177,11 +179,13 @@ hadoop_hdfs_journalnode_log_file: "hdfs-journalnode_{{ ansible_fqdn }}.log"
hadoop_hdfs_zkfc_log_file: "hdfs-zkfc_{{ ansible_fqdn }}.log"
hadoop_hdfs_datanode_log_file: "hdfs-datanode_{{ ansible_fqdn }}.log"
hadoop_hdfs_httpfs_log_file: "hdfs-httpfs_{{ ansible_fqdn }}.log"
hadoop_hdfs_ranger_audit_file: "hdfs-rangeraudit_{{ ansible_fqdn }}.log"

yarn_log_dir: /var/log/yarn
hadoop_yarn_resourcemanager_log_file: "yarn-resourcemanager_{{ ansible_fqdn }}.log"
hadoop_yarn_nodemanager_log_file: "yarn-nodemanager_{{ ansible_fqdn }}.log"
hadoop_yarn_timelineserver_log_file: "yarn-timelineserver_{{ ansible_fqdn }}.log"
hadoop_yarn_ranger_audit_file: "yarn-rangeraudit_{{ ansible_fqdn }}.log"

mapred_log_dir: /var/log/mapred
hadoop_mapred_historyserver_log_file: "mapred-historyserver_{{ ansible_fqdn }}.log"
Expand All @@ -190,16 +194,20 @@ hbase_log_dir: /var/log/hbase
hbase_hm_log_file: "hbase-master_{{ ansible_fqdn }}.log"
hbase_hrs_log_file: "hbase-regionserver_{{ ansible_fqdn }}.log"
hbase_hr_log_file: "hbase-rest_{{ ansible_fqdn }}.log"
hbase_master_ranger_audit_file: "hbase-master-rangeraudit_{{ ansible_fqdn }}.log"
hbase_rs_ranger_audit_file: "hbase-region-server-rangeraudit_{{ ansible_fqdn }}.log"

phoenix_log_dir: /var/log/phoenix
phoenix_queryserver_log_file: "phoenix-queryserver_{{ ansible_fqdn }}.log"

hive_log_dir: /var/log/hive
hive_s2_log_file: "hive-hiveserver2_{{ ansible_fqdn }}.log"
hive_ms_log_file: "hive-metastore_{{ ansible_fqdn }}.log"
hive_ranger_audit_file: "hive-rangeraudit_{{ ansible_fqdn }}.log"

knox_log_dir: /var/log/knox
knox_gateway_log_file: "knox-gateway_{{ ansible_fqdn }}.log"
knox_ranger_audit_file: "knox-rangeraudit_{{ ansible_fqdn }}.log"

ranger_log_dir: /var/log/ranger
ranger_admin_log_file: "ranger-admin_{{ ansible_fqdn }}.log"
Expand Down
Loading