Log Generation

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in the following snips are to be interpreted as described in RFC 2119.

Further refinement for this document only the keywords REQUIRED, RECOMMENDED and OPTIONAL will be used.

• Jakarta Best Practice Proposal for Standardized Logging Fields - v2

• Security Logging Events

• Security Logging Best Practice

• Python POC

Misc. Notes

Within ONAP both containers and infrastructure generate raw data that have security concerns.

• Containers (xNFs)

  • That is documented here: https://lf-onap.atlassian.net/wiki/download/attachments/16468763/2021-02-22_LoggingRequirementEvents_v9.pptx?version=1&modificationDate=1619018452000&api=v2

• Infrastructure (Docker and K8S)

  • There are a set of logs that both Docker and K8S generate that relate to security monitoring.

  • That is documented here: https://wiki.onap.org/download/attachments/103419713/Logging%20-%20ATTACK%20to%20SECCOM_v3.pptx?version=1&modificationDate=1622560207000&api=v2