ranger审计日志对接CDH solr
一、准备条件
1、已安装完毕ranger-admin
2、已在CDH上部署solr(注意在安装solr时更改下solr在zk上的节点信息)
二、更改相关配置
1、修改ranger-2.1.0-admin/contrib/solr_for_audit_setup/install.properties
SOLR_USER=solr SOLR_GROUP=solr MAX_AUDIT_RETENTION_DAYS=90 SOLR_INSTALL=false SOLR_DOWNLOAD_URL= SOLR_INSTALL_FOLDER=/opt/cloudera/parcels/CDH/lib/solr SOLR_RANGER_HOME=/opt/cloudera/parcels/CDH/lib/solr/ranger_audit_server SOLR_RANGER_PORT=8983 SOLR_DEPLOYMENT=solrcloud SOLR_RANGER_DATA_FOLDER=/opt/cloudera/parcels/CDH/lib/solr/ranger_audit_server/data SOLR_ZK=100.116.3.226:2181,100.116.3.227,100.116.3.228/solr/configs/ranger_audits SOLR_HOST_URL=http://`hostname -f`:8983 SOLR_SHARDS=3 SOLR_REPLICATION=2 SOLR_LOG_FOLDER=/opt/logs/solr/ranger_audits SOLR_RANGER_COLLECTION=ranger_audits SOLR_MAX_MEM=2g
2、修改ranger-2.1.0-admin/contrib/solr_for_audit_setup/conf/solrconfig.xml
此处修改为
EEE MMM dd HH:mm:ss [z ]yyyy
此处直接改为cdh上solr jar对应的目录,这个配置文件之前是基于非集成的solr配置的,不做修改的话会报配置文件找不到的错误。
3、修改ranger-admin的install.propertities
PYTHON_COMMAND_INVOKER=python DB_FLAVOR=MYSQL SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar db_root_user=root db_root_password=VYi2OfrsO0Mz db_host=100.116.3.249 db_ssl_enabled=false db_ssl_required=false db_ssl_verifyServerCertificate=false db_ssl_auth_type=2-way javax_net_ssl_keyStore= javax_net_ssl_keyStorePassword= javax_net_ssl_trustStore= javax_net_ssl_trustStorePassword= db_name=ranger db_user=ranger db_password=VYi2OfrsO0Mz rangerAdmin_password= rangerTagsync_password= rangerUsersync_password= keyadmin_password= audit_store=solr audit_elasticsearch_urls= audit_elasticsearch_port= audit_elasticsearch_protocol= audit_elasticsearch_user= audit_elasticsearch_password= audit_elasticsearch_index= audit_elasticsearch_bootstrap_enabled=false audit_solr_urls=http://100.116.3.227:8983/solr/ranger_audits audit_solr_user= audit_solr_password= audit_solr_zookeepers=100.116.3.226:2181,100.116.3.227:2181,100.116.3.228:2181/ranger_audits audit_solr_collection_name=ranger_audits audit_solr_config_name=ranger_audits audit_solr_no_shards= audit_solr_no_replica= audit_solr_max_shards_per_node= audit_solr_acl_user_list_sasl=solr,infra-solr audit_solr_bootstrap_enabled=true policymgr_external_url=http://localhost:6080 policymgr_http_enabled=true policymgr_https_keystore_file= policymgr_https_keystore_keyalias=rangeradmin policymgr_https_keystore_password= policymgr_supportedcomponents= unix_user=ranger unix_user_pwd=ranger unix_group=ranger authentication_method=NONE remoteLoginEnabled=true authServiceHostName=localhost authServicePort=5151 ranger_unixauth_keystore=keystore.jks ranger_unixauth_keystore_password=password ranger_unixauth_truststore=cacerts ranger_unixauth_truststore_password=changeit xa_ldap_url= xa_ldap_userDNpattern= xa_ldap_groupSearchBase= xa_ldap_groupSearchFilter= xa_ldap_groupRoleAttribute= xa_ldap_base_dn= xa_ldap_bind_dn= xa_ldap_bind_password= xa_ldap_referral= xa_ldap_userSearchFilter= xa_ldap_ad_domain= xa_ldap_ad_url= xa_ldap_ad_base_dn= xa_ldap_ad_bind_dn= xa_ldap_ad_bind_password= xa_ldap_ad_referral= xa_ldap_ad_userSearchFilter= spnego_principal= spnego_keytab= token_valid=30 cookie_domain= cookie_path=/ admin_principal= admin_keytab= lookup_principal= lookup_keytab= hadoop_conf=/etc/hadoop/conf sso_enabled=false sso_providerurl=https://127.0.0.1:8443/gateway/knoxsso/api/v1/websso sso_publickey= RANGER_ADMIN_LOG_DIR=$PWD RANGER_PID_DIR_PATH=/var/run/ranger XAPOLICYMGR_DIR=$PWD app_home=$PWD/ews/webapp TMPFILE=$PWD/.fi_tmp LOGFILE=$PWD/logfile LOGFILES="$LOGFILE" JAVA_BIN='java' JAVA_VERSION_REQUIRED='1.8' JAVA_ORACLE='Java(TM) SE Runtime Environment' ranger_admin_max_heap_size=1g PATCH_RETRY_INTERVAL=120 STALE_PATCH_ENTRY_HOLD_TIME=10 mysql_core_file=db/mysql/optimized/current/ranger_core_db_mysql.sql mysql_audit_file=db/mysql/xa_audit_db.sql oracle_core_file=db/oracle/optimized/current/ranger_core_db_oracle.sql oracle_audit_file=db/oracle/xa_audit_db_oracle.sql postgres_core_file=db/postgres/optimized/current/ranger_core_db_postgres.sql postgres_audit_file=db/postgres/xa_audit_db_postgres.sql sqlserver_core_file=db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql sqlserver_audit_file=db/sqlserver/xa_audit_db_sqlserver.sql sqlanywhere_core_file=db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql sqlanywhere_audit_file=db/sqlanywhere/xa_audit_db_sqlanywhere.sql cred_keystore_filename=$app_home/WEB-INF/classes/conf/.jceks/rangeradmin.jceks
三、初始化
1、修改完成后,初始化solr、ranger-admin
ranger-2.1.0-admin/contrib/solr_for_audit_setup
./setup.sh
./setup.sh
四、上传相关配置到zookeeper并创建对应collection
1、相关指令如下
查看创建的solrhome的实例 solrctl instancedir --list 创建 collection1 实例并将配置文件上传到 zookeeper: #conf必须是一个目录,这里的目录是 ranger-2.1.0-admin/contrib/solr_for_audit_setup/conf solrctl instancedir --create ranger_audits conf 可以通过下面命令查看上传的实体: solrctl instancedir --list 创建 collection 1)创建ranger_audits solrctl collection --create ranger_audits -s 3 -c ranger_audits -r 2 -m 3
2、验证:登陆zookeeper查看
查看solr的上collection 是否创建成
