tessl/maven-org-apache-ranger--ranger-plugins-audit
Apache Ranger Audit Plugin Framework providing centralized audit logging capabilities for Apache Ranger security plugins across various big data components.
—
Pending
writers-formats.mddocs/
Writers and Formats
Audit file writers supporting multiple output formats including JSON and ORC, with configurable file management, rotation, and filesystem integration for reliable audit data persistence.
Capabilities
Ranger Audit Writer Interface
Primary interface for audit file writers that defines the contract for writing audit events to various storage formats and systems.
/**
* Interface for audit file writers
*/
public interface RangerAuditWriter {
/**
* Initialize the audit writer with configuration
* @param props Properties configuration properties
* @param propPrefix String property prefix for configuration
* @param auditProviderName String audit provider name
* @param auditConfigs Map<String,String> additional audit configurations
*/
public void init(Properties props, String propPrefix, String auditProviderName, Map<String,String> auditConfigs);
/**
* Log collection of JSON-formatted audit events
* @param events Collection<String> JSON-formatted events to write
* @return boolean true if successful, false otherwise
* @throws Exception if writing fails
*/
public boolean log(Collection<String> events) throws Exception;
/**
* Log audit events from a file
* @param file File containing audit events to write
* @return boolean true if successful, false otherwise
* @throws Exception if writing fails
*/
public boolean logFile(File file) throws Exception;
/**
* Start the audit writer
*/
public void start();
/**
* Stop the audit writer
*/
public void stop();
/**
* Flush any pending audit events
*/
public void flush();
}Abstract Ranger Audit Writer
Abstract base class for audit writers providing common filesystem functionality and configuration management.
/**
* Abstract base class for audit writers with filesystem functionality
*/
public abstract class AbstractRangerAuditWriter implements RangerAuditWriter {
/**
* Initialize writer with configuration and filesystem setup
* @param props Properties configuration properties
* @param basePropertyName String base property name
* @param auditProviderName String provider name
* @param auditConfigs Map<String,String> additional configurations
*/
public void init(Properties props, String basePropertyName, String auditProviderName, Map<String,String> auditConfigs);
/**
* Create Hadoop configuration from properties
* @return Configuration Hadoop configuration object
*/
protected Configuration createConfiguration();
/**
* Create parent directories if they don't exist
* @param path Path directory path to create
* @param fs FileSystem filesystem instance
* @throws IOException if directory creation fails
*/
protected void createParents(Path path, FileSystem fs) throws IOException;
/**
* Flush pending data to filesystem
*/
public void flush();
/**
* Get current file path being written to
* @return String current file path
*/
protected String getCurrentFilePath();
/**
* Check if file rotation is needed
* @return boolean true if rotation needed
*/
protected boolean isRotationNeeded();
/**
* Perform file rotation
*/
protected void rotateFile();
}JSON Audit Writer
JSON audit writer implementation for HDFS with support for file rotation, compression, and configurable output formatting.
/**
* JSON audit writer implementation for HDFS
*/
public class RangerJSONAuditWriter extends AbstractRangerAuditWriter {
/**
* Initialize JSON writer with HDFS configuration
* @param props Properties configuration properties
* @param basePropertyName String base property name (e.g., "xasecure.audit.hdfs")
* @param auditProviderName String provider name
* @param auditConfigs Map<String,String> additional configurations
*/
public void init(Properties props, String basePropertyName, String auditProviderName, Map<String,String> auditConfigs);
/**
* Log JSON-formatted audit events to HDFS
* @param events Collection<String> JSON-formatted events
*/
public void log(Collection<String> events);
/**
* Log audit events from file to HDFS
* @param file File containing audit events
*/
public void logFile(File file);
/**
* Start JSON writer and open output stream
*/
public void start();
/**
* Stop JSON writer and close output stream
*/
public void stop();
/**
* Flush JSON data to HDFS
*/
public void flush();
/**
* Get current output stream
* @return FSDataOutputStream current output stream
*/
protected FSDataOutputStream getOutputStream();
/**
* Format audit event as JSON string
* @param event String raw event
* @return String formatted JSON
*/
protected String formatAsJSON(String event);
}ORC Audit Writer
ORC (Optimized Row Columnar) audit writer implementation providing efficient columnar storage format for audit events with schema management and compression.
/**
* ORC file format audit writer
*/
public class RangerORCAuditWriter extends AbstractRangerAuditWriter {
/**
* Initialize ORC writer with schema and HDFS configuration
* @param props Properties configuration properties
* @param basePropertyName String base property name
* @param auditProviderName String provider name
* @param auditConfigs Map<String,String> additional configurations
*/
public void init(Properties props, String basePropertyName, String auditProviderName, Map<String,String> auditConfigs);
/**
* Log JSON-formatted audit events as ORC records
* @param events Collection<String> JSON-formatted events to convert and write
*/
public void log(Collection<String> events);
/**
* Log audit events from file as ORC records
* @param file File containing audit events
*/
public void logFile(File file);
/**
* Start ORC writer and initialize schema
*/
public void start();
/**
* Stop ORC writer and close ORC file
*/
public void stop();
/**
* Flush ORC data to HDFS
*/
public void flush();
/**
* Get ORC schema for audit events
* @return TypeDescription ORC schema
*/
protected TypeDescription getORCSchema();
/**
* Convert JSON event to ORC record
* @param jsonEvent String JSON-formatted event
* @param batch VectorizedRowBatch ORC batch to populate
* @param row int row index in batch
*/
protected void convertJSONToORC(String jsonEvent, VectorizedRowBatch batch, int row);
}Audit Writer Factory
Factory class for creating audit writers based on configuration and format requirements.
/**
* Factory for creating audit file writers
*/
public class AuditWriterFactory {
/**
* Get singleton instance of the factory
* @return AuditWriterFactory factory instance
*/
public static AuditWriterFactory getInstance();
/**
* Create audit writer for specified format
* @param writerType String writer type ("json", "orc")
* @return RangerAuditWriter writer instance
*/
public RangerAuditWriter createWriter(String writerType);
/**
* Get configured audit writer from properties
* @param props Properties configuration properties
* @param basePropertyName String base property name
* @return RangerAuditWriter configured writer
*/
public RangerAuditWriter getAuditWriter(Properties props, String basePropertyName);
/**
* Register custom writer implementation
* @param writerType String writer type identifier
* @param writerClass Class<? extends RangerAuditWriter> writer implementation class
*/
public void registerWriter(String writerType, Class<? extends RangerAuditWriter> writerClass);
}ORC File Utilities
Utility class for working with ORC files in audit context, providing schema management and file operations.
/**
* ORC file utilities for audit writing
*/
public class ORCFileUtil {
/**
* Create standard audit event ORC schema
* @return TypeDescription ORC schema for audit events
*/
public static TypeDescription createAuditEventSchema();
/**
* Convert audit event object to ORC vector batch row
* @param auditEvent AuditEventBase event to convert
* @param batch VectorizedRowBatch target batch
* @param row int row index in batch
*/
public static void populateORCBatch(AuditEventBase auditEvent, VectorizedRowBatch batch, int row);
/**
* Create ORC writer with compression and configuration
* @param path Path output file path
* @param schema TypeDescription ORC schema
* @param conf Configuration Hadoop configuration
* @return Writer ORC writer instance
* @throws IOException if writer creation fails
*/
public static Writer createORCWriter(Path path, TypeDescription schema, Configuration conf) throws IOException;
/**
* Read ORC file and convert to audit events
* @param path Path ORC file path
* @param conf Configuration Hadoop configuration
* @return List<AuditEventBase> audit events from file
* @throws IOException if reading fails
*/
public static List<AuditEventBase> readORCAuditEvents(Path path, Configuration conf) throws IOException;
}Usage Examples:
import org.apache.ranger.audit.utils.*;
import org.apache.ranger.audit.model.AuthzAuditEvent;
// JSON Writer Configuration
Properties jsonProps = new Properties();
jsonProps.setProperty("xasecure.audit.hdfs.destination.directory", "/ranger/audit");
jsonProps.setProperty("xasecure.audit.hdfs.destination.file", "audit.json");
jsonProps.setProperty("xasecure.audit.hdfs.destination.flush.interval.seconds", "30");
jsonProps.setProperty("xasecure.audit.hdfs.destination.rollover.interval.seconds", "3600");
RangerJSONAuditWriter jsonWriter = new RangerJSONAuditWriter();
jsonWriter.init(jsonProps, "xasecure.audit.hdfs", "hdfs-audit", new HashMap<>());
jsonWriter.start();
// Create and log audit events as JSON
AuthzAuditEvent event1 = new AuthzAuditEvent();
event1.setUser("alice");
event1.setAccessType("read");
event1.setResourcePath("/data/file1.txt");
event1.setAccessResult(1);
AuthzAuditEvent event2 = new AuthzAuditEvent();
event2.setUser("bob");
event2.setAccessType("write");
event2.setResourcePath("/data/file2.txt");
event2.setAccessResult(0);
List<String> jsonEvents = Arrays.asList(event1.toJson(), event2.toJson());
jsonWriter.log(jsonEvents);
jsonWriter.flush();
// ORC Writer Configuration
Properties orcProps = new Properties();
orcProps.setProperty("xasecure.audit.hdfs.destination.directory", "/ranger/audit/orc");
orcProps.setProperty("xasecure.audit.hdfs.destination.file", "audit.orc");
orcProps.setProperty("xasecure.audit.hdfs.destination.compression.type", "SNAPPY");
RangerORCAuditWriter orcWriter = new RangerORCAuditWriter();
orcWriter.init(orcProps, "xasecure.audit.hdfs", "orc-audit", new HashMap<>());
orcWriter.start();
// Log same events in ORC format
orcWriter.log(jsonEvents);
orcWriter.flush();
// Using Factory Pattern
AuditWriterFactory factory = AuditWriterFactory.getInstance();
RangerAuditWriter writer = factory.createWriter("json");
writer.init(jsonProps, "xasecure.audit.hdfs", "factory-writer", new HashMap<>());
// File-based logging
File auditFile = new File("/tmp/audit-events.json");
jsonWriter.logFile(auditFile);
// Cleanup
jsonWriter.stop();
orcWriter.stop();Configuration Properties
Key configuration properties for writers and formats:
JSON Writer Configuration:
xasecure.audit.hdfs.destination.directory: Output directory pathxasecure.audit.hdfs.destination.file: Output filename patternxasecure.audit.hdfs.destination.flush.interval.seconds: Flush intervalxasecure.audit.hdfs.destination.rollover.interval.seconds: File rollover intervalxasecure.audit.hdfs.destination.open.retry.interval.seconds: Retry interval for failed opens
ORC Writer Configuration:
xasecure.audit.hdfs.destination.compression.type: Compression type (NONE, ZLIB, SNAPPY, LZO)xasecure.audit.hdfs.destination.orc.batch.size: ORC batch size for writingxasecure.audit.hdfs.destination.orc.stripe.size: ORC stripe size
Common Writer Configuration:
xasecure.audit.hdfs.destination.rollover.size.limit.bytes: File size limit for rolloverxasecure.audit.hdfs.config.encoding: Character encoding for output filesxasecure.audit.hdfs.config.kerberos.principal: Kerberos principal for authenticationxasecure.audit.hdfs.config.kerberos.keytab: Kerberos keytab file path
Install with Tessl CLI
npx tessl i tessl/maven-org-apache-ranger--ranger-plugins-audit