Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-6107

[RFE] Enable NetObs Logging directly to Splunk

XMLWordPrintable

    • False
    • None
    • False
    • Not Selected
    • Engineering

      Description of problem:

          To comply with our CISO we require sending all egress network connection logs to our splunk server. We do not want to deploy Loki and the rest of the OCP logging stack.

      Version-Release number of selected component (if applicable):

          all

       

      Logging network connections to stdout would work for us too, as this can be easily fed to Splunk. I am aware we can use Kafka or OpenTelemetry to send logs to Splunk, but would like to avoid managing more services if we can.

       


      This security tracking issue was filed based on manifesting data available to Product Security in https://deptopia.prodsec.redhat.com/ui/home. This data indicates that the component noted in the "pscomponent" label was found to be affected by this vulnerability. If you believe this issue is not actionable and was created erroneously, please fill out the following form and close this issue as Closed with a resolution of Obsolete. This will prompt Product Security to review what type of error caused this Jira issue to be created, and prevent further mistakes of this type in the future.

      https://forms.gle/LnXaf5aCAHaV6g8T8

      To better understand the distinction between a component being Affected vs Not Affected, please read the following article:
      https://docs.engineering.redhat.com/pages/viewpage.action?spaceKey=PRODSEC&title=Understanding+Affected+and+Not+Affected

              ddharwar@redhat.com Deepthi Dharwar
              rhn-support-dyocum Daniel Yocum
              Zhanqi Zhao Zhanqi Zhao
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: