Versions Compared

Old Version 101

changes.mady.by.user Robert Heinemann

Saved on

compared with

New Version 102

changes.mady.by.user Robert Heinemann

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This is a working document.

The below matrix is a representation of the log management categories (lifecycle) in relation to the two categories of run-time logs (logs of ONAP events, logs of events from services orchestrated by ONAP).

Team Members

...

  • Review Requirements list Amy put together
  • Muddasar to provide links to NIST security logging standards: 

    https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-92.pdf

  • Fabian: Initial investigation of ONAP responding to security events.
  • Bob to provide Orchestration logging events
  • Log Template as suggested by Chakir on Tuesday call ( Apache 2 log template as an example.  Can we review work from Logging enhancement project?

...

MeetingWorking Items
9/17/2021
  • Presentation to 2 PTL's to gather security logging feedback
on feasibility and fit of security logging requirements.  Focus
the
  • a POC and Best Practice for a single release.  If so, is this something that is possible for Toine's and VJ's projects?

Toine Siebelink
VIJAY VENKATESH KUMAR  

SECCOM is refreshing the ONAP security logging requirements and architecture for the ONAP components, meeting on Fridays at 4CET. We’d like to see if you would be willing to join the 17 September meeting to provide feedback and to consider participating in a POC in the Jakarta release




Security Log Structure

Date / Time

Log Level

Transaction ID

Status Code

Severity

Container Data

Protocol

Service / Program Name

Log Message

Image Tag / Name

Image Digest

ID

Name

Principal ID

Role / Attribute ID

...


Docker PS
CONTAINER ID: 5c6768cf2c81 
IMAGE: onap/sdnc-image:latest 


Security Log Field Definitions

Type Synonyms:

REQUIRED: SHALL OR MUST
RECOMMENDED:  SHOULD
OPTIONAL: MAY

...