...
- Amy Zwarico
- Robert Heinemann
- Muddasar Ahmed
- fabian rouzaut
- Byung-Woo Jun
- Brian Smith
- Samuli Silvius
- PUT YOUR NAME HERE
Actions
30 Jul 2021
...
...
13 Aug 2021
- Review Requirements list Amy put together
- Muddasar to provide links to NIST security logging standards:
https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-92.pdf
- Fabian: Initial investigation of ONAP responding to security events.
- Bob to provide Orchestration logging events
- Log Template as suggested by Chakir on Tuesday call ( Apache 2 log template as an example. Can we review work from Logging enhancement project?
Key
X: Indicates what is in-scope for ONAP
...
Steps for approval: POC → Best Practice → Global Requirement
Working Session Agenda
...
- Presentation to 2 PTL's to gather security logging feedback and to consider participating in a POC in the Jakarta release Focus is on logging metadata.
- Toine Siebelink Toine Siebelink, Configuration Persistence Service Project
- Vijay Venkatesh Kumar Vijay Venkatesh Kumar, Data Collection Analytics and Events Project
Comments form Toine and VJ:
- Toine
- Will this work for non-transactional based logs?
- Should this current framework cover more?
- An extra field to identify that this is a security log. Perhaps constrain with an ENUM.
- Commented that he believes the container ID information is important to capture.
- VJ:
- Since this scope is security he would like to see this as a generalized structure used across ONAP. DCAE has 30 containers and would like format to be applicable to all logging.
- Both agreed that this is an important topic that should be brought forward to PTL meeting.
...
Best Practices and Risk Analysis for an Operator
...