Skip to content
This repository has been archived by the owner on Oct 31, 2019. It is now read-only.

GSA/devsecops-log-forwarding

Repository files navigation

DevSecOps Log Forwarding infrastructure CircleCI

This is a Terraform module that creates infrastructure for collecting and forwarding logs. The module creates an autoscaling fluentd cluster in Amazon Web Services (AWS).

diagram

This is needed at GSA because we need logs to be forwarded to our security team for compliance and incident response reasons, as well as whatever logging system the team is using. It can be tricky to configure multiple logging endpoints for syslog agents on every instance; this way, changes to the forwarding can be done in one place.

For the "tenant's logging system", we recommend our EKK stack.

Development

  1. Install dependencies.

    • Python 3.2+
    • Pipenv
    • Terraform
  2. From the root of the repository, install Python dependencies.

    pipenv install
    pipenv shell

Note that in some cases, you may have to force pipenv to use python 3.6:

```sh
pipenv --python 3.6 install
pipenv --python 3.6 shell
```
  1. Configure AWS credentials.

  2. Set up test infrastructure.

    cd test
    terraform init
    terraform apply
  3. Run tests.

    python3 test.py