Skip to content

Commit bcc0de6

Browse files
yunyezhang-workmneethiraj
yunyezhang-work
authored and
mneethiraj
committed
RANGER-5404: fix incorrect evtTime format in audits to ElasticSearch (#746)
(cherry picked from commit 86d379f)
1 parent 1ec38a4 commit bcc0de6

File tree

1 file changed

+15
-1
lines changed

1 file changed

+15
-1
lines changed

agents-audit/dest-es/src/main/java/org/apache/ranger/audit/destination/ElasticSearchAuditDestination.java

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,8 @@
2222
import java.io.File;
2323
import java.io.IOException;
2424
import java.security.PrivilegedActionException;
25+
import java.text.DateFormat;
26+
import java.text.SimpleDateFormat;
2527
import java.util.ArrayList;
2628
import java.util.Arrays;
2729
import java.util.Collection;
@@ -30,6 +32,7 @@
3032
import java.util.Locale;
3133
import java.util.Map;
3234
import java.util.Properties;
35+
import java.util.TimeZone;
3336
import java.util.concurrent.ThreadFactory;
3437
import java.util.concurrent.TimeUnit;
3538
import java.util.concurrent.atomic.AtomicLong;
@@ -67,6 +70,12 @@
6770
public class ElasticSearchAuditDestination extends AuditDestination {
6871
private static final Logger LOG = LoggerFactory.getLogger(ElasticSearchAuditDestination.class);
6972

73+
private static final ThreadLocal<DateFormat> DATE_FORMAT = ThreadLocal.withInitial(() -> {
74+
SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'");
75+
format.setTimeZone(TimeZone.getTimeZone("UTC"));
76+
return format;
77+
});
78+
7079
public static final String CONFIG_URLS = "urls";
7180
public static final String CONFIG_PORT = "port";
7281
public static final String CONFIG_USER = "user";
@@ -339,7 +348,12 @@ Map<String, Object> toDoc(AuthzAuditEvent auditEvent) {
339348
doc.put("resType", auditEvent.getResourceType());
340349
doc.put("reason", auditEvent.getResultReason());
341350
doc.put("action", auditEvent.getAction());
342-
doc.put("evtTime", auditEvent.getEventTime());
351+
Date eventTime = auditEvent.getEventTime();
352+
if (eventTime != null) {
353+
doc.put("evtTime", DATE_FORMAT.get().format(eventTime));
354+
} else {
355+
doc.put("evtTime", null);
356+
}
343357
doc.put("seq_num", auditEvent.getSeqNum());
344358
doc.put("event_count", auditEvent.getEventCount());
345359
doc.put("event_dur_ms", auditEvent.getEventDurationMS());

0 commit comments

Comments
 (0)