Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Notes from 16 July meeting

ContributorNotes
BobONAP Security Event Management - DRAFT - Developer Wiki - Confluence
Byung-Woo Jun
  • In ONAP, log generation and log collection/aggregation/storage/visualization should be separate
  • ONAP applications should focus on log generation via STDOUT / STDERR, without concerning how the generated log data will be processed; refer to the ONAP Security & Logging Architecture, ONAP Next Generation Security & Logging Architecture#ONAPLogging  
  • Containers (xNF, Security Components) should follow the same architectural principal, saying they focus on the log generation, not consuming
  • Infrastructure components (K8S, Docker) should generate their logs, without concerning how log data are consumed
  • Row log data from Containers and Infrastructures do not need to return back to ONAP, only events that require subsequent actions (e.g., for close-loop) can be brought into ONAP thru VES Event / DCAE.
  • Collation between application log data and containers/infrastructure data is out of scope for ONAP. Could we delegate the function to a SIEM?
  • Currently, analytic log data handling is out of scope for ONAP. For its use cases, we need to discuss further


...