alluxio Add caller context into audit log

Add caller context into audit log

Open Haoning-Sun opened this issue 2 years ago • 6 comments

What changes are proposed in this pull request?

Add RPCCallerContext into FileSystemMasterCommonPOptions to record client's caller context.
Add GetMountTablePOptions into GetMountTablePRequest to ensure can add caller context for getMountTable interface.
Add caller context into master audit log.

Why are the changes needed?

We can record more client detail into audit log.

Does this PR introduce any user facing changes?

Users can set CallerContext before calling filesystem interface. Setting caller context can add multiple fields and key/value pairs, and can add a signature to this call.

FileSystem fs = getFileSystem();   
CallerContext callerContext = new CallerContext.Builder("list")   
    .append("id", "presto-1024")
    .setSignature(("test").getBytes())
    .build();
CallerContext.setCurrent(callerContext);
List<URIStatus> uris = fs.listStatus(new AlluxioURI("/nested"));

We can view the contents of the client's caller context in the master audit log.

INFO  AUDIT_LOG (AsyncUserAccessAuditLogWriter.java:run) - succeeded=true       allowed=true    ugi=alluxio,alluxio (AUTH=SIMPLE)     ip=/192.168.1.111:49911  cmd=listStatus  src=/nested   dst=null        perm=alluxio:alluxio:rwxr-xr-x        callerContext=list,id:presto-1024:test  executionTimeUs=23364

Oct 20 '22 06:10 Haoning-Sun

alluxio alluxio copied to clipboard

Add caller context into audit log

What changes are proposed in this pull request?

Why are the changes needed?

Does this PR introduce any user facing changes?

alluxio
alluxio copied to clipboard