Re: [onap] Logging Requirements


Tony Hansen
 

From: <onap-seccom@...> on behalf of "Amy Zwarico via lists.onap.org" <amy.zwarico=att.com@...>
Reply-To: "ZWARICO, AMY" <az9121@...>
Date: Tuesday, April 13, 2021 at 3:48 PM
To: "onap-seccom@..." <onap-seccom@...>
Subject: [Onap-seccom] [onap] Logging Requirements

 

Attached is a deck with logging requirements for the ONAP containers that we will discuss at the 20 April SECCOM meeting. These are requirements adopted from the VNF security requirements and additions from Fabian Rouzaut. There is still some work to do in combining them, so be ready for a lively logging conversation on Tuesday!

 

The deck only talks about security logs. Based on the logging requirements from Casablanca, applications generally deal with informational logs, error logs, audit logs and debug logs.

 

Where do security logs fall into that spectrum?

 

Kubernetes normally collects BOTH stdout AND stderr as log files. The assumption is that informational messages will be written to stdout, and error messages will be written to stderr, which is consistent with the usage of stdout and stderr for the past 50 years.

 

The deck continually refers only to stdout, probably because it only talks about security logs.

 

A LOT of the PTL discussion centered around the fact that we’re asking applications to change how they are doing logging. If we are going to ask that of applications, we need to discuss the entire spectrum of logging and not focus only on the security logs.

 

My recommendations:

 

  • Applications include their security logging within their information messages.

 

  • The informational messages will be written to stdout instead of one of the separate informational log file previously required.

 

    • The informational messages will continue to be formatted as per the Casablanca/Dublin message requirements.

 

  • Audit log messages will be similarly written to stdout.

 

    • The audit log messages will continue to be formatted as per the Casablanca/Dublin message requirements.

 

  • Error log messages will be written to stderr.

 

    • The error log messages will continue to be formatted as per the Casablanca/Dublin message requirements.

 

  • Debug log messages will be written to stdout.

 

    • The debug log messages will continue to be formatted as per the Casablanca/Dublin message requirements.

 

  • MOST of the applications use a logging library that uses a configuration file to determine where logs are written.

 

    • MOST of those configuration files also have a way to specify stdout or stderr as the output instead of a filename.

 

    • If all else fails, the Linux devices /dev/stdout and /dev/stderr should be usable as filenames.

 

Hope this helps the conversation.

 

                Tony

Join onap-seccom@lists.onap.org to automatically receive all group messages.