...
ID | Type | Description | Reference |
---|---|---|---|
CON-LOG-REQ-7 | REQUIRED | The container and container application MUST log the field “date/time” in the security audit logs. The value should be represented in UTC and formatted per ISO 8601, such as “2015-06-03T13:21:58+00:00”. The time should be shown with the maximum resolution available to the logging component (e.g., milliseconds, microseconds) by including the appropriate number of decimal digits. For example, when millisecond precision is available, the date-time value would be presented as, as “2015-06-03T13:21:58.340+00:00”. | |
CON-LOG-REQ-8 | REQUIRED | The container and container application MUST log the field “protocol” in the security audit logs. The URI that the caller used to make the call to the component that is logging the message. (The service inside the partner doing the call - includes API name) | |
CON-LOG-REQ-9 | REQUIRED | The container and container application MUST log the field “service or program used for access” in the security audit logs. | R-06413 |
CON-LOG-REQ-10 | REQUIRED | The container and container application MUST log the field “success/failure” in the security audit logs. StatusCode: This field indicates the high level status of the request - one of (COMPLETE, ERROR, INPROGRESS) | |
CON-LOG-REQ-11 | REQUIRED | The container and container application MUST log the field “Login ID” in the security audit logs. | R-89474 |
CON-LOG-REQ-MP01 | LFLD: Container ID; unique for life time of the system, for the instance, once container is killed, this ID goes away | ||
CON-LOG-REQ-MP02 | LFLD: Container Name; unique name of the image ( webserver, FW, DCAE01) | ||
CON-LOG-REQ-MP03 | LFLD: Container Image Name (Hash); Image name and Hash ( container lifecycle events | ||
CON-LOG-REQ-MP04 | REQUIRED | "The VNF SHOULD use an appropriately configured logging level that can be changed dynamically, so as to not cause performance degradation of the VNF due to excessive logging." Logging Level Follows Syslog levels numbered 0 - 7; (Emergency, Alert, Criticial, Error, Warning, Notification, Informational, Debugging) | R-28168 |
CON-LOG-REQ-MP11 | The container MUST log the image ID and layer hash | T1036, T1525 | |
CON-LOG-REQ-MP12 | Log User Group ID | ||
CON-LOG-REQ-MP13 | To support flow tracking across ONAP components a container MUST log RequestID RequestID: UUID to track the processing of each client request across all the ONAP components involved in its processing | v1.3 Spec, InvocationID and InstanceID. These items are defined as MDC # 4,5, and 6 respectively in the Logging Project Spec v1.3 MDC table1. | |
Best Practices and Risk Analysis for an Operator
...