This is a working document.
The below matrix is a representation of the log management categories (lifecycle) in relation to the two categories of run-time logs (logs of ONAP events, logs of events from services orchestrated by ONAP).
Team Members
- Amy Zwarico
- Robert Heinemann
- Muddasar Ahmed
- rouzaut
- Byung-Woo Jun
- Brian Smith (Unlicensed)
- s.silvius
- PUT YOUR NAME HERE
...
- Review Requirements list Amy put together
- Muddasar to provide links to NIST security logging standards:
https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-92.pdf
- Fabian: Initial investigation of ONAP responding to security events.
- Bob to provide Orchestration logging events
- Log Template as suggested by Chakir on Tuesday call ( Apache 2 log template as an example. Can we review work from Logging enhancement project?
...
Security Event Generation Requirements (Proposed)
REQUIRED, RECOMMENDED and OPTIONAL
...
CON-LOG-REQ-1
...
CON-LOG-REQ-2
...
CON-LOG-REQ-3
...
CON-LOG-REQ-4
...
CON-LOG-REQ-5
...
Steps for approval: POC → Best Practice → Global Requirement
Metadata for Security Events (Proposed)
...
Docker PS
CONTAINER ID: 5c6768cf2c81
IMAGE: onap/sdnc-image:latest
Security Log Field Definitions
Type Synonyms:
REQUIRED: SHALL OR MUST
RECOMMENDED: SHOULD
OPTIONAL: MAY
...