ADLS中文件访问和ACL更改的审核日志

本文介绍了ADLS中文件访问和ACL更改的审核日志的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

大家好，

有没有一种方法可以在Data Lake Store(Gen1)中创建审核日志，以更改文件的ACL(权限)和文件的访问权限?看来，Azure门户中的活动日志仅显示通过ARM API进行的更改，因此在配置上 的ADLS，而不是存储在ADLS中的数据.

Is there a way to create audit logs in Data Lake Store (Gen1) for changes on the ACL's (permissions) of files and on access of files? It seems that the Activity Log in the Azure Portal only shows the changes made through the ARM API, hence on the configuration of ADLS, but not on the data stored in ADLS.

谢谢

推荐答案

Hi,

请继续阅读 docs.microsoft/zh-cn/azure/data-lake-store/data-lake-store -security-overview#活动和诊断日志

Please read ondocs.microsoft/en-us/azure/data-lake-store/data-lake-store-security-overview#activity-and-diagnostic-logs

我对调用

WebHDFS文件系统API 和 日志看起来像这样:

WebHDFS FileSystem APIsand the log looks like this:

{ "time": "2018-10-18T22:36:57.616Z", "resourceId": "/SUBSCRIPTIONS/XXXXXXXXXXXXXX/RESOURCEGROUPS/ADL-RESOURCE-GROUP/PROVIDERS/MICROSOFT.DATALAKESTORE/ACCOUNTS/ADLALBERTOADLS", "category": "Requests", "operationName": "modifyaclentries", "resultType": "200", "callerIpAddress": "XXXXXXXXXXXX", "correlationId": "xxxxxxxxxxxxxxxx", "identity": "user-that-initiated-operation@microsoft", "properties": {"HttpMethod":"PUT","Path":"/webhdfs/v1/","RequestContentLength":0,"ClientRequestId":"XXXXXXXXXXXXXXXXXXXXXXXXX","StartTime":"2018-10-18T22:36:57.616Z","EndTime":"2018-10-18T22:36:57.627Z","UserId":"asdfqerwet-asdf-asdfg-ssssss"} }