Prerequisites
1. Supports Ranger 2.1.0 and later versions, corresponding to EMR-2.7.0, EMR-3.2.1, and later.
2. Prepare a Tencent Cloud ElasticSearch cluster. For the creation process, see Creating ES cluster. Capacity reference: Assuming the size of a single Hive SQL query is 1 KB, a single record will be approximately 20 KB, meaning 1 GB can store around 52,428 Hive SQL records.
3. Open port 9200 in the security group, allowing only private network access, requiring that the EMR cluster and ElasticSearch cluster are in the same VPC.
4. Example: Key information for the ElasticSearch cluster:
Username: elastic
Password: MyPassword
Private IP address: 10.206.48.118
Port: 9200
Protocol: http
EMR Console Directions
1. Log in to the EMR Console and go to Cluster Services > RANGER > Configuration Management > ranger-admin-site.xml file. Modify the configuration items as follows: ranger.audit.source.type = elasticsearch
ranger.audit.elasticsearch.user = elastic
ranger.audit.elasticsearch.password = MyPassword
ranger.audit.elasticsearch.urls = 10.206.48.118
ranger.audit.elasticsearch.protocol = httpot
ranger.audit.elasticsearch.port = 9200
ranger.audit.elasticsearch.index = ranger_audits
ranger.audit.elasticsearch.bootstrap.enabled = true
2. Restart the Ranger service role EmbeddedServer.
3. Take HIVE as an example (other services are similar). Go to Cluster Services > HIVE > Configuration Management and modify the ranger-hive-audit.xml file with the following configuration, ensuring the values are consistent with those in the ranger-admin-site.xml file.
ranger.audit.source.type = elasticsearch
ranger.audit.elasticsearch.user = elastic
ranger.audit.elasticsearch.password = MyPassword
ranger.audit.elasticsearch.urls = 10.206.48.118
ranger.audit.elasticsearch.protocol = httpot
ranger.audit.elasticsearch.port = 9200
ranger.audit.elasticsearch.index = ranger_audits
ranger.audit.elasticsearch.bootstrap.enabled = true
4. Restart the HIVE role HiveServer2。