Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(jans-lock-master): process log data from Cedraling and post it to enabled SIEM service #8742

Open
Tracked by #8745
yurem opened this issue Jun 19, 2024 · 0 comments
Open
Tracked by #8745

feat(jans-lock-master): process log data from Cedraling and post it to enabled SIEM service #8742

yurem opened this issue Jun 19, 2024 · 0 comments
Assignees
@yurem @pujavs
Labels
kind-feature Issue or PR is a new feature request
Milestone
1.1.4

Comments

@yurem
Copy link
Contributor

yurem commented Jun 19, 2024

This issue is related to #8732. After getting request to Lock Master /logs endpoint from Cedarling service should forward it to enabled SIEM module.

Data to Lock master should be send in CBOR format and have at least next properties:

/audit/logs:
event_time,
even_type (policy access, registration/token/jwks request events),
severety_level (error, warning, info, etc),
policy_id,
policy_result (allow/deny),
user_account_id,
client_id,
source_information
@mo-auto mo-auto added the kind-feature Issue or PR is a new feature request label Jun 19, 2024
@yurem yurem mentioned this issue Jun 19, 2024
Open
10 tasks
@moabu moabu added this to the 1.1.4 milestone Jul 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yurem yurem

@pujavs pujavs

Labels
kind-feature Issue or PR is a new feature request
Projects
None yet
Milestone
1.1.4
Development

No branches or pull requests
4 participants
@yurem @pujavs @moabu @mo-auto