ADLS中文件访问和ACL更改的审核日志 [英] Audit log for file access and ACL changes in ADLS

问题描述

大家好，

有没有一种方法可以在Data Lake Store(Gen1)中创建审核日志，以更改文件的ACL(权限)和文件的访问权限?看来，Azure门户中的活动日志仅显示通过ARM API进行的更改，因此在配置上 的ADLS，而不是存储在ADLS中的数据.

Is there a way to create audit logs in Data Lake Store (Gen1) for changes on the ACL's (permissions) of files and on access of files? It seems that the Activity Log in the Azure Portal only shows the changes made through the ARM API, hence on the configuration of ADLS, but not on the data stored in ADLS.

谢谢

推荐答案

Hi,

请继续阅读 https://docs.microsoft.com/zh-cn/azure/data-lake-store/data-lake-store -security-overview#活动和诊断日志

Please read on https://docs.microsoft.com/en-us/azure/data-lake-store/data-lake-store-security-overview#activity-and-diagnostic-logs

我对调用 :

WebHDFS FileSystem APIs and the log looks like this:

{
     "time": "2018-10-18T22:36:57.616Z",
     "resourceId": "/SUBSCRIPTIONS/XXXXXXXXXXXXXX/RESOURCEGROUPS/ADL-RESOURCE-GROUP/PROVIDERS/MICROSOFT.DATALAKESTORE/ACCOUNTS/ADLALBERTOADLS",
     "category": "Requests",
     "operationName": "modifyaclentries",
     "resultType": "200",
     "callerIpAddress": "XXXXXXXXXXXX",
     "correlationId": "xxxxxxxxxxxxxxxx",
     "identity": "user-that-initiated-operation@microsoft.com",
     "properties": {"HttpMethod":"PUT","Path":"/webhdfs/v1/","RequestContentLength":0,"ClientRequestId":"XXXXXXXXXXXXXXXXXXXXXXXXX","StartTime":"2018-10-18T22:36:57.616Z","EndTime":"2018-10-18T22:36:57.627Z","UserId":"asdfqerwet-asdf-asdfg-ssssss"}
}

这篇关于ADLS中文件访问和ACL更改的审核日志的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！