Hi, all:
I want to config audit log for hive 1.2.1.
I use kerberos for hive authentication, and did not start up the hive
metastore service.
Just under such a background,I opened hive autid-log function. But the log
contents like this:
"HiveMetaStore.java:logAuditEvent(371) - ugi=ocp ip=unknown-ip-addr
cmd=get_table : db=default pat=*"
My $HIVE_HOME is on the same machine with hive metastore(MySQL)。I don't know
why the IP addr is "unknown-ip-addr". I looked into hive source code,and found
some useful info:
"
// This will return null if the metastore is not being accessed from a
metastore Thrift server,
// or if the TTransport being used to connect is not an instance of
TSocket, or if kereberos
// is used
public static String getThreadLocalIpAddress() {
return threadLocalIpAddress.get();
}"
Does this means if I used kerberos and didn't startup metastore service by
"hive --service metastore", the ip-addr will always be "unknown-ip-addr"?
and by the way, the cmd is just like this "cmd=get_table:db=default pat=*" or
"cmd=get_functions:db=default pat=*",etc? the audit log cannot record full
specific sql?
Thanks in advance for any reply.
Maria.
