Hi Yiyang, +1 to enable if we have a way to exclude on demand.
Thanks, Arpit > On Apr 3, 2022, at 9:37 PM, Janus Chow <yiyang0...@gmail.com> wrote: > > Thanks for the reply. @Arp > > From the commit in > https://github.com/apache/hadoop/blob/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/resources/hdfs-default.xml#L3190, > I think by default the configuration is empty. > > In a releted ticket, https://issues.apache.org/jira/browse/HDFS-9828, It's > also recommended not to disable READ audit logs. > > Currently, we only enabled audit for READ in our UAT cluster, the > request/second is not very high, in PROD cluster, it should be quite higher. > > IMHO, the read audit log is quite useful, the problem is that we don't have > a similar way like HDFS to exclude some read operations. If we have a > similar exclude mechanism, is it ok to enable READ operation audit log by > default? > > > Thanks > Yiyang > > Arpit Agarwal <aagar...@cloudera.com.invalid> 于2022年4月4日周一 12:01写道: > >> Hi Janus, >> >> Performance will be the main concern. In busy HDFS clusters admins are >> likely to use dfs.namenode.audit.log.debug.cmdlist. >> >> Have you enabled read audit logging in your Ozone cluster? What is the >> number of requests/second? >> >> Thanks, >> Arpit >> >> >>> On Apr 3, 2022, at 7:58 PM, Janus Chow <yiyang0...@gmail.com> wrote: >>> >>> Hi Ozone dev, >>> >>> When checking the audit logs from Ozone components, we found that by >>> default Ozone only logs WRITE operations. In order to enable the audit >> log >>> for READ operations, we need to change the configurations in >>> audit-log4j2.properties. >>> That brings some confusion for users when comparing it to some other >>> storage systems, like HDFS, in which audit logs are enabled for both READ >>> and WRITE by default. >>> >>> We have a Jira ticket(https://issues.apache.org/jira/browse/HDDS-6532) >> and >>> PR (https://github.com/apache/ozone/pull/3255) about adding audit logs >> for >>> READ operations by default. >>> Could you help to check and comment if there are any specific concerns >>> not to enable READ audit logs? >>> >>> Yiyang >>> Thank you very much. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: dev-unsubscr...@ozone.apache.org >> For additional commands, e-mail: dev-h...@ozone.apache.org >> >> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@ozone.apache.org For additional commands, e-mail: dev-h...@ozone.apache.org
