LOG-395 - Getting issue details... STATUS
1. Upgrade of ELK & Potential Features Development (Search-Data-Service)
- Current ELK versions: elasticsearch 2.4, kibana 4.6 (no logstash is being used)
- To better create the dashboards with enhanced features and look, upgrading to version 5.6 is desired. (Logging project is using 5.5)
2. Dashboards Ideas
The visualizations and dashboards will need to be designed and created according to the current and any potential purposes of the POMBA services - what the users want/need to know, how the system could help improve the whole platform integrity.
Challenges
- We have created a few sample rules and do not know all the rules to be created by the users in the production. That means we can create and provide some high-level dashboards - for the specific rules and details, we could provide some sample dashboards to give an idea so that how the end users could create their own dashboards customized for their use cases.
- For the Network Discovery, what specific audits will be executed and what kinds of audit results are expected
Visualization List
Dashboard List
| Name | Contents | |
|---|---|---|
| Audit Overview | ||
Features
- Provide links to move back and forth across the dashboards: e.g., from the violation page to the page displaying its validation info
3. Audit Use Cases & Data Generation
Generally two approaches to execute the audits and generate audit results:
- Event-Driven Auditing: e.g., Post-orchestration audit trigger by system or user
- Continuous or Scheduled Auditing
Configurations
- Audit targets selection: which microservices should be included and cross-checked
- Audit rules selection: which rules should be validated for the target services
- Scheduling parameters: when, which rules will be applied