Introduction

This feature for blacklisting users from Ranger access audits is provided because Ranger logs too many audit records, particularly for service accounts (such as hbase, atlas, solr). The excess data generated in Solr makes it unavailable for further use.

With this feature (RANGER-2669), audit logs are not created in Solr for the users/groups specified on the service page.

In RANGER-2334, the 'Exclude Service Users' feature was provided to filter out access audit logs for service users/test users on the Ranger UI. With that filter, the logs are not displayed on the UI but are still generated in Solr.

How to use this feature:

To use this feature, add the following two configuration parameters on the Create / Edit Service page, each with comma-separated values:

  • ranger.plugin.audit.exclude.users
  • ranger.plugin.audit.exclude.groups

Example:

  1. Add the configuration below on the HBase service create / edit page:

    For the HBase application, Audit >> Access logs will not be created for user 'hbase'.

  2. Similarly, if a group is added to the service config property for excluding audits, then audits for all users belonging to that group will not be recorded in Solr.


Note: These configurations are specific to individual services and are not meant to globally blacklist any user from generating audit events in Solr. That means, if the staging_hbase service has configs to exclude DummyAuditUser and DummyAuditGroup, then only that HBase plugin instance will not generate audits for the mentioned users and groups; other plugins will continue to generate audit events related to DummyAuditUser and DummyAuditGroup.
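
Because every exclusion is a gap in the audit trail, it helps to review which principals each service excludes. The script below is an added example, not Ranger's own code: it models the per-service scope described in the note and lists excluded users/groups that are not on an approved list. The JSON shape (a list of services, each with a `configs` map), the function names, the second service `prod_hbase` and the sample data are assumptions constructed for illustration, and matching is assumed to be exact and case-sensitive.

```python
import json

EXCLUDE_USERS = "ranger.plugin.audit.exclude.users"
EXCLUDE_GROUPS = "ranger.plugin.audit.exclude.groups"

# Constructed sample: exported service definitions (shape is an assumption).
SERVICES_JSON = """
[
  {"name": "staging_hbase", "type": "hbase",
   "configs": {"ranger.plugin.audit.exclude.users": "DummyAuditUser, hbase",
               "ranger.plugin.audit.exclude.groups": "DummyAuditGroup"}},
  {"name": "prod_hbase", "type": "hbase", "configs": {}}
]
"""

def split_csv(value):
    """Parse a comma-separated config value, ignoring blanks and whitespace."""
    return {item.strip() for item in (value or "").split(",") if item.strip()}

def load_exclusions(services_json):
    """Map service name -> (excluded users, excluded groups)."""
    out = {}
    for svc in json.loads(services_json):
        cfg = svc.get("configs") or {}
        out[svc["name"]] = (split_csv(cfg.get(EXCLUDE_USERS)),
                            split_csv(cfg.get(EXCLUDE_GROUPS)))
    return out

def is_audited(exclusions, service, user, user_groups=()):
    """True if an access by `user` through `service` would still be audited."""
    users, groups = exclusions.get(service, (set(), set()))
    return user not in users and not groups.intersection(user_groups)

def unexpected_exclusions(exclusions, approved_users, approved_groups):
    """List excluded principals that are not on the approved list."""
    findings = []
    for service, (users, groups) in sorted(exclusions.items()):
        findings += [(service, "user", u) for u in sorted(users - approved_users)]
        findings += [(service, "group", g) for g in sorted(groups - approved_groups)]
    return findings

if __name__ == "__main__":
    ex = load_exclusions(SERVICES_JSON)
    # Only the 'hbase' service account is approved for exclusion here.
    for finding in unexpected_exclusions(ex, {"hbase"}, set()):
        print(finding)
```
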
