...
Metadata for Security Events (Proposed)
Working Session Agenda
Meeting | Working Items |
---|
9/17/2021 | - Presentation to 2 PTL's to gather security logging feedback and to consider participating in a POC in the Jakarta release Focus is on logging metadata.
Comments form Toine and VJ: - Toine
- Will this work for non-transactional based logs?
- Should this current framework cover more?
- An extra field to identify that this is a security log. Perhaps constrain with an ENUM.
- VJ:
- Since this scope is security he would like to see this as a generalized structure used across ONAP. DCAE has 30 containers and would like format to be applicable to all logging.
- Both agreed that this is an important topic that should be brought forward to PTL meeting.
|
9/24/2021 | - Discussion: Byung-Woo Jun Is possible to combine a POC and Best Practice for a single release. If so, is this something that is possible for Toine's and VJ's projects?
- Get on PTL meeting calendar to present security Logging Metadata
|
|
|
Security Log Structure
Date / Time | Log Level | Transaction ID | Status Code | Severity | Container Data | Protocol | Service / Program Name | Log Message |
Image Tag / Name | Image Digest | ID | Name | Principal ID | Role / Attribute ID |
NOTE:
Grey Box | indicate that a (yet to be determined) container logger function / service will provide security log metadata. |
White Box | indicate the developer of a container or container application will provide security log metadata/ |
Example:
From Fabian:
2021-09-10T14:50:37.929Z|d855a2c6-c58f-4d8d-b199-3382d11504d2|http-nio-8083-exec-5|/manage/health|kube-probe/1.19|||DEBUG|500||Headers : X-Content-Type-Options:nos
...