ApiAudit Data Model

Models audit events from both CM and CM managed services like HDFS, HBase and Hive. Audits for CM managed services are retrieved from Cloudera Navigator server.

Properties
name data type description
timestamp string When the audit event was captured.
service string Service name associated with this audit.
username string The user who performed this operation.
impersonator string The impersonating user (or the proxy user) who submitted this operation. This is usually applicable when using services like Oozie or Hue, who can be configured to impersonate other users and submit jobs.
ipAddress string The IP address that the client connected from.
command string The command/operation that was requested.
resource string The resource that the operation was performed on.
operationText string The full text of the requested operation. E.g. the full Hive query.

Available since API v5.

allowed boolean Whether the operation was allowed or denied by the authorization system.
serviceValues map of string

Example

{
  "timestamp" : "...",
  "service" : "...",
  "username" : "...",
  "impersonator" : "...",
  "ipAddress" : "...",
  "command" : "...",
  "resource" : "...",
  "operationText" : "...",
  "allowed" : true,
  "serviceValues" : {
    "property1" : "...",
    "property2" : "..."
  }
}