Updated on 2025-07-16 GMT+08:00

Viewing Ranger Audit Information

Ranger administrators can view audit logs about Ranger running and permission control audit logs after Ranger is used by components for authentication.

Viewing Ranger Audit Information

  1. Log in to the Ranger web UI as the Ranger administrator rangeradmin. For details, see Logging In to the Ranger Web UI.
  2. Choose Audit to view the audit information. For details about each tab page, see Table 1. If there are a large number of audit records, you can filter them in the search box by keyword.

    Table 1 Audit information

    Tab

    Description

    Access

    Currently, MRS does not support online query of audit logs of component resources. You can log in to the component installation node and access /var/log/Bigdata/audit to view audit logs of each component.

    • result: policy verification result. The value 0 indicates that the policy is rejected, and the value 1 indicates that the policy is approved.
    • policy: ID of the applied policy. The value is the same as the value of Policy ID on the page. If the value is -1, no policy is matched.
    • action: operation permission, which corresponds to the operation permission selected in Permissions for the policy.
    • access: operation to be performed. Available values for each component are different.

    Admin

    Audit information about operations on Ranger, such as creating, updating, and deleting security access policies, creating and deleting component permission policies, and creating, updating, and deleting roles.

    Login Sessions

    Session audit information about users who log in to Ranger.

    Plugins

    Component permission policy information in Ranger.

    Plugin Status

    Audit information about synchronization of the permission policy of each component node.

    User Sync

    Audit information about synchronization between Ranger and LDAP users.