org.apache.ranger.audit.model.AuthzAuditEvent Java Examples

The following examples show how to use org.apache.ranger.audit.model.AuthzAuditEvent. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: RangerNiFiAuthorizer.java    From nifi with Apache License 2.0 6 votes vote down vote up
@Override
public void auditAccessAttempt(final AuthorizationRequest request, final AuthorizationResult result) {
    final RangerAccessResult rangerResult;
    synchronized (resultLookup) {
        rangerResult = resultLookup.remove(request);
    }

    if (rangerResult != null && rangerResult.getIsAudited()) {
        AuthzAuditEvent event = defaultAuditHandler.getAuthzEvents(rangerResult);

        // update the event with the originally requested resource
        event.setResourceType(RANGER_NIFI_RESOURCE_NAME);
        event.setResourcePath(request.getRequestedResource().getIdentifier());

        defaultAuditHandler.logAuthzAudit(event);
    }
}
 
Example #2
Source File: SolrAuditProvider.java    From ranger with Apache License 2.0 6 votes vote down vote up
SolrInputDocument toSolrDoc(AuthzAuditEvent auditEvent) {
	SolrInputDocument doc = new SolrInputDocument();
	doc.addField("id", auditEvent.getEventId());
	doc.addField("access", auditEvent.getAccessType());
	doc.addField("enforcer", auditEvent.getAclEnforcer());
	doc.addField("agent", auditEvent.getAgentId());
	doc.addField("repo", auditEvent.getRepositoryName());
	doc.addField("sess", auditEvent.getSessionId());
	doc.addField("reqUser", auditEvent.getUser());
	doc.addField("reqData", auditEvent.getRequestData());
	doc.addField("resource", auditEvent.getResourcePath());
	doc.addField("cliIP", auditEvent.getClientIP());
	doc.addField("logType", auditEvent.getLogType());
	doc.addField("result", auditEvent.getAccessResult());
	doc.addField("policy", auditEvent.getPolicyId());
	doc.addField("repoType", auditEvent.getRepositoryType());
	doc.addField("resType", auditEvent.getResourceType());
	doc.addField("reason", auditEvent.getResultReason());
	doc.addField("action", auditEvent.getAction());
	doc.addField("evtTime", auditEvent.getEventTime());
	doc.addField("tags", auditEvent.getTags());
	doc.addField("cluster", auditEvent.getClusterName());
	doc.addField("zone", auditEvent.getZoneName());
	doc.addField("agentHost", auditEvent.getAgentHostname());
	return doc;
}
 
Example #3
Source File: HbaseAuditHandlerImpl.java    From ranger with Apache License 2.0 6 votes vote down vote up
@Override
public AuthzAuditEvent getAuthzEvents(RangerAccessResult result) {
	if(LOG.isDebugEnabled()) {
		LOG.debug("==> HbaseAuditHandlerImpl.getAuthzEvents(" + result + ")");
	}

	resetResourceForAudit(result.getAccessRequest());
	AuthzAuditEvent event = super.getAuthzEvents(result);
	// first accumulate last set of events and then capture these as the most recent ones
	if (_mostRecentEvent != null) {
		LOG.debug("getAuthzEvents: got one event from default audit handler");
		_allEvents.add(_mostRecentEvent);
	} else {
		LOG.debug("getAuthzEvents: no event produced by default audit handler");
	}
	_mostRecentEvent = event;

	if(LOG.isDebugEnabled()) {
		LOG.debug("==> getAuthzEvents: mostRecentEvent:" + _mostRecentEvent);
	}
	// We return null because we don't want default audit handler to audit anything!
	if(LOG.isDebugEnabled()) {
		LOG.debug("<== HbaseAuditHandlerImpl.getAuthzEvents(" + result + "): null");
	}
	return null;
}
 
Example #4
Source File: HbaseAuditHandlerImpl.java    From ranger with Apache License 2.0 6 votes vote down vote up
@Override
public List<AuthzAuditEvent> getCapturedEvents() {
	if(LOG.isDebugEnabled()) {
		LOG.debug("==> HbaseAuditHandlerImpl.getCapturedEvents()");
	}

	// construct a new collection since we don't want to lose track of which were the most recent events;
	List<AuthzAuditEvent> result = new ArrayList<AuthzAuditEvent>(_allEvents);
	if (_mostRecentEvent != null) {
		result.add(_mostRecentEvent);
	}
	applySuperUserOverride(result);

	if(LOG.isDebugEnabled()) {
		LOG.debug("<== HbaseAuditHandlerImpl.getAuthzEvents(): count[" + result.size() + "] :result : " + result);
	}
	return result;
}
 
Example #5
Source File: RangerAuthorizer.java    From nifi-registry with Apache License 2.0 6 votes vote down vote up
@Override
public void auditAccessAttempt(final AuthorizationRequest request, final AuthorizationResult result) {
    final RangerAccessResult rangerResult;
    synchronized (resultLookup) {
        rangerResult = resultLookup.remove(request);
    }

    if (rangerResult != null && rangerResult.getIsAudited()) {
        AuthzAuditEvent event = defaultAuditHandler.getAuthzEvents(rangerResult);

        // update the event with the originally requested resource
        event.setResourceType(RANGER_NIFI_REG_RESOURCE_NAME);
        event.setResourcePath(request.getRequestedResource().getIdentifier());

        defaultAuditHandler.logAuthzAudit(event);
    }
}
 
Example #6
Source File: BufferedAuditProvider.java    From ranger with Apache License 2.0 6 votes vote down vote up
@Override
public boolean log(AuditEventBase event) {
	if (event instanceof AuthzAuditEvent) {
		AuthzAuditEvent authzEvent = (AuthzAuditEvent) event;

		if (authzEvent.getAgentHostname() == null) {
			authzEvent.setAgentHostname(MiscUtil.getHostname());
		}

		if (authzEvent.getLogType() == null) {
			authzEvent.setLogType("RangerAudit");
		}

		if (authzEvent.getEventId() == null) {
			authzEvent.setEventId(MiscUtil.generateUniqueId());
		}
	}

	if (!mBuffer.add(event)) {
		logFailedEvent(event);
		return false;
	}
	return true;
}
 
Example #7
Source File: RangerDefaultAuditHandler.java    From ranger with Apache License 2.0 6 votes vote down vote up
private void populateDefaults(AuthzAuditEvent auditEvent) {
	if( auditEvent.getAclEnforcer() == null || auditEvent.getAclEnforcer().isEmpty()) {
		auditEvent.setAclEnforcer("ranger-acl"); // TODO: review
	}

	if (auditEvent.getAgentHostname() == null || auditEvent.getAgentHostname().isEmpty()) {
		auditEvent.setAgentHostname(MiscUtil.getHostname());
	}

	if (auditEvent.getLogType() == null || auditEvent.getLogType().isEmpty()) {
		auditEvent.setLogType("RangerAudit");
	}

	if (auditEvent.getEventId() == null || auditEvent.getEventId().isEmpty()) {
		auditEvent.setEventId(generateNextAuditEventId());
	}

	if (auditEvent.getAgentId() == null) {
		auditEvent.setAgentId(MiscUtil.getApplicationType());
	}

	auditEvent.setSeqNum(sequenceNumber++);
}
 
Example #8
Source File: RangerDefaultAuditHandler.java    From ranger with Apache License 2.0 6 votes vote down vote up
public void logAuthzAudit(AuthzAuditEvent auditEvent) {
	if(LOG.isDebugEnabled()) {
		LOG.debug("==> RangerDefaultAuditHandler.logAuthzAudit(" + auditEvent + ")");
	}

	if(auditEvent != null) {
		populateDefaults(auditEvent);

		AuditHandler auditProvider = RangerBasePlugin.getAuditProvider(auditEvent.getRepositoryName());
		if (auditProvider == null || !auditProvider.log(auditEvent)) {
			MiscUtil.logErrorMessageByInterval(LOG, "fail to log audit event " + auditEvent);
		}
	}

	if(LOG.isDebugEnabled()) {
		LOG.debug("<== RangerDefaultAuditHandler.logAuthzAudit(" + auditEvent + ")");
	}
}
 
Example #9
Source File: RangerDefaultAuditHandler.java    From ranger with Apache License 2.0 6 votes vote down vote up
@Override
public void processResults(Collection<RangerAccessResult> results) {
	if(LOG.isDebugEnabled()) {
		LOG.debug("==> RangerDefaultAuditHandler.processResults(" + results + ")");
	}

	Collection<AuthzAuditEvent> events = getAuthzEvents(results);

	if (events != null) {
		logAuthzAudits(events);
	}

	if(LOG.isDebugEnabled()) {
		LOG.debug("<== RangerDefaultAuditHandler.processResults(" + results + ")");
	}
}
 
Example #10
Source File: RangerAtlasAuthorizer.java    From ranger with Apache License 2.0 6 votes vote down vote up
@Override
public void processResult(RangerAccessResult result) {
    if (denyExists) { // nothing more to do, if a deny already encountered
        return;
    }

    AuthzAuditEvent auditEvent = super.getAuthzEvents(result);

    if (auditEvent != null) {
        // audit event might have list of entity-types and classification-types; overwrite with the values in original request
        if (resourcePath != null) {
            auditEvent.setResourcePath(resourcePath);
        }

        if (!result.getIsAllowed()) {
            denyExists = true;

            auditEvents.clear();
        }

        auditEvents.put(auditEvent.getPolicyId() + auditEvent.getAccessType(), auditEvent);
    }
}
 
Example #11
Source File: RangerHiveAuditHandler.java    From ranger with Apache License 2.0 6 votes vote down vote up
@Override
public void processResult(RangerAccessResult result) {
	if(! result.getIsAudited()) {
		return;
	}

	if  (skipFilterOperationAuditing(result)) {
		return;
	}

	AuthzAuditEvent auditEvent = createAuditEvent(result);

	if(auditEvent != null) {
		addAuthzAuditEvent(auditEvent);
	}
}
 
Example #12
Source File: RangerHiveAuditHandler.java    From ranger with Apache License 2.0 6 votes vote down vote up
public void logAuditEventForDfs(String userName, String dfsCommand, boolean accessGranted, int repositoryType, String repositoryName) {
AuthzAuditEvent auditEvent = new AuthzAuditEvent();

auditEvent.setAclEnforcer(moduleName);
auditEvent.setResourceType("@dfs"); // to be consistent with earlier release
auditEvent.setAccessType("DFS");
auditEvent.setAction("DFS");
auditEvent.setUser(userName);
auditEvent.setAccessResult((short)(accessGranted ? 1 : 0));
auditEvent.setEventTime(new Date());
auditEvent.setRepositoryType(repositoryType);
auditEvent.setRepositoryName(repositoryName);
auditEvent.setRequestData(dfsCommand);

auditEvent.setResourcePath(dfsCommand);

if(LOG.isDebugEnabled()){
	LOG.debug("Logging DFS event " + auditEvent.toString());
}

addAuthzAuditEvent(auditEvent);
  }
 
Example #13
Source File: TestConsumer.java    From ranger with Apache License 2.0 5 votes vote down vote up
@Override
public boolean logJSON(String jsonStr) {
	if (isDown) {
		return false;
	}
	countTotal++;
	AuthzAuditEvent event = MiscUtil.fromJson(jsonStr,
			AuthzAuditEvent.class);
	sumTotal += event.getEventCount();
	logger.info("JSON:" + jsonStr);
	eventList.add(event);
	return true;
}
 
Example #14
Source File: ElasticSearchAuditDestination.java    From ranger with Apache License 2.0 5 votes vote down vote up
Map<String, Object> toDoc(AuthzAuditEvent auditEvent) {
    Map<String, Object> doc = new HashMap<String, Object>();
    doc.put("id", auditEvent.getEventId());
    doc.put("access", auditEvent.getAccessType());
    doc.put("enforcer", auditEvent.getAclEnforcer());
    doc.put("agent", auditEvent.getAgentId());
    doc.put("repo", auditEvent.getRepositoryName());
    doc.put("sess", auditEvent.getSessionId());
    doc.put("reqUser", auditEvent.getUser());
    doc.put("reqData", auditEvent.getRequestData());
    doc.put("resource", auditEvent.getResourcePath());
    doc.put("cliIP", auditEvent.getClientIP());
    doc.put("logType", auditEvent.getLogType());
    doc.put("result", auditEvent.getAccessResult());
    doc.put("policy", auditEvent.getPolicyId());
    doc.put("repoType", auditEvent.getRepositoryType());
    doc.put("resType", auditEvent.getResourceType());
    doc.put("reason", auditEvent.getResultReason());
    doc.put("action", auditEvent.getAction());
    doc.put("evtTime", auditEvent.getEventTime());
    doc.put("seq_num", auditEvent.getSeqNum());
    doc.put("event_count", auditEvent.getEventCount());
    doc.put("event_dur_ms", auditEvent.getEventDurationMS());
    doc.put("tags", auditEvent.getTags());
    doc.put("cluster", auditEvent.getClusterName());
    doc.put("zoneName", auditEvent.getZoneName());
    doc.put("agentHost", auditEvent.getAgentHostname());
    doc.put("policyVersion", auditEvent.getPolicyVersion());
    return doc;
}
 
Example #15
Source File: SolrAuditDestination.java    From ranger with Apache License 2.0 5 votes vote down vote up
SolrInputDocument toSolrDoc(AuthzAuditEvent auditEvent) {
	SolrInputDocument doc = new SolrInputDocument();
	doc.addField("id", auditEvent.getEventId());
	doc.addField("access", auditEvent.getAccessType());
	doc.addField("enforcer", auditEvent.getAclEnforcer());
	doc.addField("agent", auditEvent.getAgentId());
	doc.addField("repo", auditEvent.getRepositoryName());
	doc.addField("sess", auditEvent.getSessionId());
	doc.addField("reqUser", auditEvent.getUser());
	doc.addField("reqData", auditEvent.getRequestData());
	doc.addField("resource", auditEvent.getResourcePath());
	doc.addField("cliIP", auditEvent.getClientIP());
	doc.addField("logType", auditEvent.getLogType());
	doc.addField("result", auditEvent.getAccessResult());
	doc.addField("policy", auditEvent.getPolicyId());
	doc.addField("repoType", auditEvent.getRepositoryType());
	doc.addField("resType", auditEvent.getResourceType());
	doc.addField("reason", auditEvent.getResultReason());
	doc.addField("action", auditEvent.getAction());
	doc.addField("evtTime", auditEvent.getEventTime());
	doc.addField("seq_num", auditEvent.getSeqNum());
	doc.setField("event_count", auditEvent.getEventCount());
	doc.setField("event_dur_ms", auditEvent.getEventDurationMS());
	doc.setField("tags", auditEvent.getTags());
	doc.setField("cluster", auditEvent.getClusterName());
	doc.setField("zoneName", auditEvent.getZoneName());
	doc.setField("agentHost", auditEvent.getAgentHostname());
	doc.setField("policyVersion", auditEvent.getPolicyVersion());

	return doc;
}
 
Example #16
Source File: RangerHiveAuditHandler.java    From ranger with Apache License 2.0 5 votes vote down vote up
AuthzAuditEvent createAuditEvent(RangerAccessResult result) {

		AuthzAuditEvent ret = null;

		RangerAccessRequest  request  = result.getAccessRequest();
		RangerAccessResource resource = request.getResource();
		String               resourcePath = resource != null ? resource.getAsString() : null;
		int                  policyType = result.getPolicyType();

		if (policyType == RangerPolicy.POLICY_TYPE_DATAMASK && result.isMaskEnabled()) {
		    ret = createAuditEvent(result, result.getMaskType(), resourcePath);
        } else if (policyType == RangerPolicy.POLICY_TYPE_ROWFILTER) {
            ret = createAuditEvent(result, ACCESS_TYPE_ROWFILTER, resourcePath);
		} else if (policyType == RangerPolicy.POLICY_TYPE_ACCESS) {
			String accessType = null;

			if (request instanceof RangerHiveAccessRequest) {
				RangerHiveAccessRequest hiveRequest = (RangerHiveAccessRequest) request;

				accessType = hiveRequest.getHiveAccessType().toString();

				String action = request.getAction();
				if (ACTION_TYPE_METADATA_OPERATION.equals(action)) {
					accessType = ACTION_TYPE_METADATA_OPERATION;
				}
			}

			if (StringUtils.isEmpty(accessType)) {
				accessType = request.getAccessType();
			}

			ret = createAuditEvent(result, accessType, resourcePath);
		}

		return ret;
	}
 
Example #17
Source File: BaseAuditHandler.java    From ranger with Apache License 2.0 5 votes vote down vote up
@Override
public boolean logJSON(Collection<String> events) {
	List<AuditEventBase> eventList = new ArrayList<AuditEventBase>(events.size());
	for (String event : events) {
		eventList.add(MiscUtil.fromJson(event, AuthzAuditEvent.class));
	}
	return log(eventList);
}
 
Example #18
Source File: HbaseAuditHandlerImpl.java    From ranger with Apache License 2.0 5 votes vote down vote up
@Override
public AuthzAuditEvent getAndDiscardMostRecentEvent() {
	if(LOG.isDebugEnabled()) {
		LOG.debug("==> HbaseAuditHandlerImpl.getAndDiscardMostRecentEvent():");
	}

	AuthzAuditEvent result = _mostRecentEvent;
	applySuperUserOverride(result);
	_mostRecentEvent = null;

	if(LOG.isDebugEnabled()) {
		LOG.debug("<== HbaseAuditHandlerImpl.getAndDiscardMostRecentEvent(): " + result);
	}
	return result;
}
 
Example #19
Source File: RangerHiveAuditHandler.java    From ranger with Apache License 2.0 5 votes vote down vote up
/**
 * This method is expected to be called ONLY to process the results for multiple-columns in a table.
 * To ensure this, RangerHiveAuthorizer should call isAccessAllowed(Collection<requests>) only for this condition
 */
@Override
public void processResults(Collection<RangerAccessResult> results) {
	List<AuthzAuditEvent> auditEvents = createAuditEvents(results);
	for(AuthzAuditEvent auditEvent : auditEvents) {
		addAuthzAuditEvent(auditEvent);
	}
}
 
Example #20
Source File: HbaseAuditHandlerImpl.java    From ranger with Apache License 2.0 5 votes vote down vote up
@Override
public void setMostRecentEvent(AuthzAuditEvent event) {
	if(LOG.isDebugEnabled()) {
		LOG.debug("==> HbaseAuditHandlerImpl.setMostRecentEvent(" + event + ")");
	}
	_mostRecentEvent = event;
	if(LOG.isDebugEnabled()) {
		LOG.debug("<== HbaseAuditHandlerImpl.setMostRecentEvent(...)");
	}
}
 
Example #21
Source File: AuthzAuditEventDbObj.java    From ranger with Apache License 2.0 5 votes vote down vote up
public AuthzAuditEventDbObj(AuthzAuditEvent event) {
	super();
	Date utcDate=null;
	if(event.getEventTime()!=null){
		utcDate=MiscUtil.getUTCDateForLocalDate(event.getEventTime());
	}else{
		utcDate=MiscUtil.getUTCDate();
	}
	this.repositoryType = event.getRepositoryType();
	this.repositoryName = event.getRepositoryName();
	this.user           = event.getUser();
	this.timeStamp      = utcDate;
	this.accessType     = event.getAccessType();
	this.resourcePath   = event.getResourcePath();
	this.resourceType   = event.getResourceType();
	this.action         = event.getAction();
	this.accessResult   = event.getAccessResult();
	this.agentId        = event.getAgentId();
	this.policyId       = event.getPolicyId();
	this.resultReason   = event.getResultReason();
	this.aclEnforcer    = event.getAclEnforcer();
	this.sessionId      = event.getSessionId();
	this.clientType     = event.getClientType();
	this.clientIP       = event.getClientIP();
	this.requestData    = event.getRequestData();
	this.seqNum         = event.getSeqNum();
	this.eventCount     = event.getEventCount();
	this.eventDurationMS= event.getEventDurationMS();
	this.tags           = StringUtils.join(event.getTags(), ", ");
}
 
Example #22
Source File: HbaseAuditHandlerImpl.java    From ranger with Apache License 2.0 5 votes vote down vote up
void applySuperUserOverride(List<AuthzAuditEvent> events) {
	if(LOG.isDebugEnabled()) {
		LOG.debug("==> HbaseAuditHandlerImpl.applySuperUserOverride(" + events + ")");
	}

	for (AuthzAuditEvent event : events) {
		applySuperUserOverride(event);
	}

	if(LOG.isDebugEnabled()) {
		LOG.debug("<== HbaseAuditHandlerImpl.applySuperUserOverride(...)");
	}
}
 
Example #23
Source File: HbaseAuditHandlerImpl.java    From ranger with Apache License 2.0 5 votes vote down vote up
void applySuperUserOverride(AuthzAuditEvent event) {
	if(LOG.isDebugEnabled()) {
		LOG.debug("==> HbaseAuditHandlerImpl.applySuperUserOverride(" + event + ")");
	}
	if (event != null && _superUserOverride) {
		event.setAccessResult((short) 1);
		event.setPolicyId(-1);
	}
	if(LOG.isDebugEnabled()) {
		LOG.debug("<== HbaseAuditHandlerImpl.applySuperUserOverride(...)");
	}
}
 
Example #24
Source File: RangerDefaultAuditHandler.java    From ranger with Apache License 2.0 5 votes vote down vote up
public void logAuthzAudits(Collection<AuthzAuditEvent> auditEvents) {
	if(LOG.isDebugEnabled()) {
		LOG.debug("==> RangerDefaultAuditHandler.logAuthzAudits(" + auditEvents + ")");
	}

	if(auditEvents != null) {
		for(AuthzAuditEvent auditEvent : auditEvents) {
			logAuthzAudit(auditEvent);
		}
	}

	if(LOG.isDebugEnabled()) {
		LOG.debug("<== RangerDefaultAuditHandler.logAuthzAudits(" + auditEvents + ")");
	}
}
 
Example #25
Source File: TestConsumer.java    From ranger with Apache License 2.0 5 votes vote down vote up
@Override
public boolean log(AuditEventBase event) {
	if (isDown) {
		return false;
	}
	countTotal++;
	if (event instanceof AuthzAuditEvent) {
		AuthzAuditEvent azEvent = (AuthzAuditEvent) event;
		sumTotal += azEvent.getEventCount();
		logger.info("EVENT:" + event);
		eventList.add(azEvent);
	}
	return true;
}
 
Example #26
Source File: TestConsumer.java    From ranger with Apache License 2.0 5 votes vote down vote up
public AuthzAuditEvent isInSequence() {
	long lastSeq = -1;
	for (AuthzAuditEvent event : eventList) {
		if (event.getSeqNum() <= lastSeq) {
			return event;
		}
		lastSeq = event.getSeqNum();
	}
	return null;
}
 
Example #27
Source File: ElasticSearchAccessAuditsServiceTest.java    From ranger with Apache License 2.0 5 votes vote down vote up
private AuthzAuditEvent getAuthzAuditEvent() {
    AuthzAuditEvent event = new AuthzAuditEvent();
    event.setAccessResult((short) 1);
    event.setAccessType("");
    event.setAclEnforcer("");
    event.setAction("");
    event.setAdditionalInfo("");
    event.setAgentHostname("");
    event.setAgentId("");
    event.setClientIP("");
    event.setClusterName("");
    event.setClientType("");
    event.setEventCount(1);
    event.setEventDurationMS(1);
    event.setEventId("");
    event.setEventTime(new Date());
    event.setLogType("");
    event.setPolicyId(1);
    event.setPolicyVersion(1l);
    event.setRepositoryName("");
    event.setRequestData("");
    event.setRepositoryName("");
    event.setRepositoryType(1);
    event.setResourcePath("");
    event.setResultReason("");
    event.setSeqNum(1);
    event.setSessionId("");
    event.setTags(new HashSet<>());
    event.setUser("");
    event.setZoneName("");
    return event;
}
 
Example #28
Source File: TestAuditQueue.java    From ranger with Apache License 2.0 5 votes vote down vote up
private AuthzAuditEvent createEvent(String user, String accessType,
		String resource, boolean isAllowed) {
	AuthzAuditEvent event = new AuthzAuditEvent();
	event.setUser(user);
	event.setAccessType(accessType);
	event.setResourcePath(resource);
	event.setAccessResult(isAllowed ? (short) 1 : (short) 0);

	event.setSeqNum(++seqNum);
	return event;
}
 
Example #29
Source File: RangerAtlasAuthorizer.java    From ranger with Apache License 2.0 5 votes vote down vote up
public void flushAudit() {
    if (auditEvents != null) {
        for (AuthzAuditEvent auditEvent : auditEvents.values()) {
            logAuthzAudit(auditEvent);
        }
    }
}
 
Example #30
Source File: RangerDefaultAuditHandler.java    From ranger with Apache License 2.0 5 votes vote down vote up
@Override
public void processResult(RangerAccessResult result) {
	if(LOG.isDebugEnabled()) {
		LOG.debug("==> RangerDefaultAuditHandler.processResult(" + result + ")");
	}

	AuthzAuditEvent event = getAuthzEvents(result);

	logAuthzAudit(event);

	if(LOG.isDebugEnabled()) {
		LOG.debug("<== RangerDefaultAuditHandler.processResult(" + result + ")");
	}
}