Hello,
@Arp @feihui, Thanks for the reply.
Have created a ticket for the feature to exclude operations on demand. (
https://issues.apache.org/jira/browse/HDDS-6562)
Thanks
Yiyang
Arpit Agarwal <aagar...@cloudera.com.invalid> 于2022年4月6日周三 21:36写道:
> Hi Yiyang,
>
> +1 to enable if we have a way to exclude on demand.
>
> Thanks,
> Arpit
>
>
> > On Apr 3, 2022, at 9:37 PM, Janus Chow <yiyang0...@gmail.com> wrote:
> >
> > Thanks for the reply. @Arp
> >
> > From the commit in
> >
> https://github.com/apache/hadoop/blob/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/resources/hdfs-default.xml#L3190
> ,
> > I think by default the configuration is empty.
> >
> > In a releted ticket, https://issues.apache.org/jira/browse/HDFS-9828,
> It's
> > also recommended not to disable READ audit logs.
> >
> > Currently, we only enabled audit for READ in our UAT cluster, the
> > request/second is not very high, in PROD cluster, it should be quite
> higher.
> >
> > IMHO, the read audit log is quite useful, the problem is that we don't
> have
> > a similar way like HDFS to exclude some read operations. If we have a
> > similar exclude mechanism, is it ok to enable READ operation audit log by
> > default?
> >
> >
> > Thanks
> > Yiyang
> >
> > Arpit Agarwal <aagar...@cloudera.com.invalid> 于2022年4月4日周一 12:01写道:
> >
> >> Hi Janus,
> >>
> >> Performance will be the main concern. In busy HDFS clusters admins are
> >> likely to use dfs.namenode.audit.log.debug.cmdlist.
> >>
> >> Have you enabled read audit logging in your Ozone cluster? What is the
> >> number of requests/second?
> >>
> >> Thanks,
> >> Arpit
> >>
> >>
> >>> On Apr 3, 2022, at 7:58 PM, Janus Chow <yiyang0...@gmail.com> wrote:
> >>>
> >>> Hi Ozone dev,
> >>>
> >>> When checking the audit logs from Ozone components, we found that by
> >>> default Ozone only logs WRITE operations. In order to enable the audit
> >> log
> >>> for READ operations, we need to change the configurations in
> >>> audit-log4j2.properties.
> >>> That brings some confusion for users when comparing it to some other
> >>> storage systems, like HDFS, in which audit logs are enabled for both
> READ
> >>> and WRITE by default.
> >>>
> >>> We have a Jira ticket(https://issues.apache.org/jira/browse/HDDS-6532)
> >> and
> >>> PR (https://github.com/apache/ozone/pull/3255) about adding audit logs
> >> for
> >>> READ operations by default.
> >>> Could you help to check and comment if there are any specific concerns
> >>> not to enable READ audit logs?
> >>>
> >>> Yiyang
> >>> Thank you very much.
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: dev-unsubscr...@ozone.apache.org
> >> For additional commands, e-mail: dev-h...@ozone.apache.org
> >>
> >>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscr...@ozone.apache.org
> For additional commands, e-mail: dev-h...@ozone.apache.org
>
>
