...
The goal of this activity is to develop a set of security requirements, security best practices and define a realistic plan to bring consistent logging across ONAP to support security analytics.
Roadmap
| Phase 1 | Phase 2 | Phase 3 | Phase 4 | Phase 5 | |
|---|---|---|---|---|---|
| Objective | Standardize Project Logging for Security | Standardized Collection of Log Data | Project logs are collected to central location | Project Logs are enriched with container metadata | All projects mandated for security logging |
| Activities | Define and specify fields required to support effective security analytics | Work with projects to write logs to STDOUT |
|
| |
| Outcome | Partial list of fields designated as Best Practice for Jakarta | Designated as Global Requirement for Jakarta | Working POC and demonstration to ONAP community |
|
|
| Timeframe | J Release - Complete | J Release - Complete | J to K Release - 3Q22 | K Release - 3Q22 | L Release - 1Q23 |
Scope of Activity
In an effort to scope the activity the following table was developed.
...
Our immediate focus is on defining what logs should be generated (see Log Generation below) and how they should be collected (see Log Collection below) for ONAP Components only. This is indicated as Phase 1 in the table below. Ultimately we want to create a POC then have approved as a Best Practice then as a Global Requirement.
...
- https://www.enisa.europa.eu/publications/security-in-5g-specifications
- https://www.enisa.europa.eu/publications/enisa-threat-landscape-report-for-5g-networks
- VNF Requirements List: 9. Requirement List — onap master documentation
- ONAP application1 logging guidelines – Revision 1.0 (4/11/2017
- VNFCloud Readiness Requirements for OpenECOMP
- What to Log - Developer Wiki - Confluence (onap.org)
- Types of EELF Logs - Developer Wiki - Confluence (onap.org)
- Logging Enhancements Project — onap master documentation
...