apache-nifi - Apache NiFi:如何获取登录用户界面的审核日志?
问题描述
确定谁登录到 NiFi 集群的好方法是什么?失败和成功的身份验证报告都是理想的。
我能想到的一种方法是将日志合并到一个地方,然后对某些 API 调用进行 grep。
这方面的最佳做法是什么。
我在 NiFi 1.9.1
谢谢
解决方案
该$NIFI_HOME/logs/nifi-user.log
文件记录了对 NiFi 实例执行的所有操作。记录消息的严重性/阈值由 控制$NIFI_HOME/conf/logback.xml
,特别是以下几行:
<!--
Logger for capturing user events. We do not want to propagate these
log events to the root logger. These messages are only sent to the
user-log appender.
-->
<logger name="org.apache.nifi.web.security" level="INFO" additivity="false">
<appender-ref ref="USER_FILE"/>
</logger>
<logger name="org.apache.nifi.web.api.config" level="INFO" additivity="false">
<appender-ref ref="USER_FILE"/>
</logger>
<logger name="org.apache.nifi.authorization" level="INFO" additivity="false">
<appender-ref ref="USER_FILE"/>
</logger>
<logger name="org.apache.nifi.cluster.authorization" level="INFO" additivity="false">
<appender-ref ref="USER_FILE"/>
</logger>
<logger name="org.apache.nifi.web.filter.RequestLogger" level="INFO" additivity="false">
<appender-ref ref="USER_FILE"/>
</logger>
<logger name="org.apache.nifi.web.api.AccessResource" level="INFO" additivity="false">
<appender-ref ref="USER_FILE"/>
</logger>
您可以将这些值中的任何一个设置为DEBUG
而不是INFO
获取更详细的日志记录。
示例输出:
2019-06-19 10:54:51,181 INFO [NiFi Web Server-20] o.a.n.w.s.NiFiAuthenticationFilter Attempting request for (<JWT token>) GET https://node1.nifi:9441/nifi-api/flow/current-user (source ip: 127.0.0.1)
2019-06-19 10:54:51,183 INFO [NiFi Web Server-20] o.a.n.w.s.NiFiAuthenticationFilter Authentication success for cn=alopresto,ou=people,dc=nifi,dc=com
2019-06-19 10:54:51,232 INFO [NiFi Web Server-20] o.a.n.w.s.NiFiAuthenticationFilter Attempting request for (<JWT token>) GET https://node1.nifi:9441/nifi-api/flow/client-id (source ip: 127.0.0.1)
2019-06-19 10:54:51,232 INFO [NiFi Web Server-26] o.a.n.w.s.NiFiAuthenticationFilter Attempting request for (<JWT token>) GET https://node1.nifi:9441/nifi-api/flow/config (source ip: 127.0.0.1)
2019-06-19 10:54:51,235 INFO [NiFi Web Server-26] o.a.n.w.s.NiFiAuthenticationFilter Authentication success for cn=alopresto,ou=people,dc=nifi,dc=com
2019-06-19 10:54:51,235 INFO [NiFi Web Server-20] o.a.n.w.s.NiFiAuthenticationFilter Authentication success for cn=alopresto,ou=people,dc=nifi,dc=com
2019-06-19 10:54:51,261 INFO [NiFi Web Server-21] o.a.n.w.s.NiFiAuthenticationFilter Attempting request for (<JWT token>) GET https://node1.nifi:9441/nifi-api/flow/banners (source ip: 127.0.0.1)
2019-06-19 10:54:51,264 INFO [NiFi Web Server-21] o.a.n.w.s.NiFiAuthenticationFilter Authentication success for cn=alopresto,ou=people,dc=nifi,dc=com
2019-06-19 10:54:51,290 INFO [NiFi Web Server-26] o.a.n.w.s.NiFiAuthenticationFilter Attempting request for (<JWT token>) GET https://node1.nifi:9441/nifi-api/flow/processor-types (source ip: 127.0.0.1)
2019-06-19 10:54:51,291 INFO [NiFi Web Server-26] o.a.n.w.s.NiFiAuthenticationFilter Authentication success for cn=alopresto,ou=people,dc=nifi,dc=com
2019-06-19 10:54:51,293 INFO [NiFi Web Server-123] o.a.n.w.s.NiFiAuthenticationFilter Attempting request for (<JWT token>) GET https://node1.nifi:9441/nifi-api/flow/about (source ip: 127.0.0.1)
2019-06-19 10:54:51,295 INFO [NiFi Web Server-123] o.a.n.w.s.NiFiAuthenticationFilter Authentication success for cn=alopresto,ou=people,dc=nifi,dc=com
2019-06-19 10:54:51,325 INFO [NiFi Web Server-123] o.a.n.w.s.NiFiAuthenticationFilter Attempting request for (<JWT token>) GET https://node1.nifi:9441/nifi-api/flow/controller-service-types (source ip: 127.0.0.1)
2019-06-19 10:54:51,326 INFO [NiFi Web Server-123] o.a.n.w.s.NiFiAuthenticationFilter Authentication success for cn=alopresto,ou=people,dc=nifi,dc=com
推荐阅读
- javascript - “严格模式下不允许使用传统八进制文字。” 错误发生在 ./node_modules /tar/tar.js:108:10
- keypress - how to define event for keyPressed/keyCode...?
- firebase - 如何单击图像以显示该图像的详细信息(该数据取自 firebase)
- java - Disable paywithPaypal button in Paypal Mobile SDK
- c# - MongoDB HeartbeatException: > "MongoDB.Driver.MongoConnectionException
- networking - Figuring out what kind of payload is carried by a packet
- java - 如何使用包含列值的表达式作为带有 Java Spring 数据 JPA 规范的 SQL-where 子句
- amazon-web-services - 具有动态内容的 Terrafrom 动态块
- discord.js - 如何每隔 5 分钟更新一次我的 Discord 机器人的状态?
- android - Android Firebase:使用equalTo过滤并同时按不同的孩子排序