[Tencent] [feature](audit) add new FE config to skip audit for certain user (apache#38310)

Author: morningman

fe/fe-common/src/main/java/org/apache/doris/common/Config.java

@@ -2680,6 +2680,13 @@ public class Config extends ConfigBase {
     @ConfField(mutable = true)
     public static int query_audit_log_timeout_ms = 5000;
 
+    @ConfField(description = {
+            "在这个列表中的用户的操作，不会被记录到审计日志中。多个用户之间用逗号分隔。",
+            "The operations of the users in this list will not be recorded in the audit log. "
+                    + "Multiple users are separated by commas."
+    })
+    public static String skip_audit_user_list = "root";
+
     @ConfField(mutable = true)
     public static int be_report_query_statistics_timeout_ms = 60000;
 

fe/fe-core/src/main/java/org/apache/doris/qe/AuditEventProcessor.java

@@ -24,11 +24,14 @@
 import org.apache.doris.plugin.PluginInfo.PluginType;
 import org.apache.doris.plugin.PluginMgr;
 
+import com.google.common.base.Strings;
 import com.google.common.collect.Queues;
+import com.google.common.collect.Sets;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 
 import java.util.List;
+import java.util.Set;
 import java.util.concurrent.BlockingQueue;
 import java.util.concurrent.TimeUnit;
 
@@ -50,16 +53,30 @@ public class AuditEventProcessor {
 
     private volatile boolean isStopped = false;
 
+    private Set<String> skipAuditUsers = Sets.newHashSet();
+
     public AuditEventProcessor(PluginMgr pluginMgr) {
         this.pluginMgr = pluginMgr;
     }
 
     public void start() {
+        initSkipAuditUsers();
         workerThread = new Thread(new Worker(), "AuditEventProcessor");
         workerThread.setDaemon(true);
         workerThread.start();
     }
 
+    private void initSkipAuditUsers() {
+        if (Strings.isNullOrEmpty(Config.skip_audit_user_list)) {
+            return;
+        }
+        String[] users = Config.skip_audit_user_list.replaceAll(" ", "").split(",");
+        for (String user : users) {
+            skipAuditUsers.add(user);
+        }
+        LOG.info("skip audit users: {}", skipAuditUsers);
+    }
+
     public void stop() {
         isStopped = true;
         if (workerThread != null) {
@@ -72,6 +89,10 @@ public void stop() {
     }
 
     public boolean handleAuditEvent(AuditEvent auditEvent) {
+        if (skipAuditUsers.contains(auditEvent.user)) {
+            // return true to ignore this event
+            return true;
+        }
         boolean isAddSucc = true;
         try {
             if (eventQueue.size() >= Config.audit_event_log_queue_size) {