In latest Rager-2.5, audit to db support has been removed. So in previous version if audit source is set to db then need to migrate this audit data from db to solr.For that follow the below steps:
Install and start solr.
Run migration script to migrate audits from db to solr.
Prerequisite to migrate Audit logs from DB to Solr :
Make sure Solr is installed and running. To install Solr you can refer Doc
Make sure DB server is running and credentials to connect to audit to DB are available.
Make sure Ranger is working with Audit source as ‘solr’ and solr url is configured. To enable Audit to solr; below given two properties should be configured
Ranger would able to communicate to Solr server only if this property is set to ‘solr’
Solr url, should be there if you have setup Ranger with audit source as solr
Steps to migrate Audit logs from DB to Solr
Make sure properties mentioned in below given table are having required values in conf/ranger-admin-site.xml or conf/ranger-admin-default-site.xml
If you have upgraded Ranger and switched audit log destination from DB to Solr then it is possible that you might not be having required properties in conf/ranger-admin-site.xml and/or values of below given properties in conf/ranger-admin-default-site.xml. To configure correct settings you can refer to previous (before upgrade) conf/ranger-admin-site.xml and manually copy-paste values of mentioned properties in conf/ranger-admin-default-site.xml file.
Sample Value (for MySQL DB Flavor)
make sure audit db URL is according to your DB flavor.
Stop or restart Ranger Admin after configuring above properties and then execute below given command from Ranger admin directory. Please replace /path/to/java with actual java binary path.
$/path/to/java -Dlogdir=ews/logs -Dlog4j.configuration=db_patch.log4j.xml -cp ews/webapp/WEB-INF/classes/conf:ews/webapp/WEB-INF/classes/lib/*:ews/webapp/WEB-INF/:ews/webapp/META-INF/:ews/webapp/WEB-INF/lib/*:ews/webapp/WEB-INF/classes/:ews/webapp/WEB-INF/classes/META-INF org.apache.ranger.patch.cliutil.DbToSolrMigrationUtil
Note : Ranger need not to be in running state to migrate audit logs from RDBMS to Solr, however conf/ranger-admin-site.xml or conf/ranger-admin-default-site.xml file should have right values before executing above command.
After running the migration script, verify Ranger Audits on solr.