Multiple grammatical errors - Chapter 46. Case studies: monitoring and logging in OpenStack Security Guide  - current

Bug #1342982 reported by Shellee Aragon
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openstack-manuals
Fix Released
Medium
Shellee Aragon

Bug Description

Redundant use of conjunctions and lack of apostrophe indicating ownership in the first sentence:

Alice's private cloud
In the private cloud, Alice has a better understanding of the tenants requirements and accordingly can add appropriate oversight and compliance on monitoring and logging. Alice should identify critical services and data and ensure that logging is turned at least on those services and is being aggregated to a central log server. She should start with simple and known use cases and implement correlation and alerting to limit the number of false positives. To implement correlation and alerting, she sends the log data to her organization's existing SIEM tool. Security monitoring should be an ongoing process and she should continue to define use cases and alerts as she has better understanding of the network traffic activity and usage over time.

Proposed Revision:
In the private cloud, Alice has a better understanding of the tenants’ requirements thus she has the ability to add appropriate oversight, actively enforcing compliance for monitoring and logging activities. Alice should identify critical services and data to verify that logging is turned on for each of the services while ensuring the information is being aggregated to a central log server. She should start with simple, known use cases then implement correlation and alerting to limit the number of false positives. To implement correlation and alerting, she sends the log data to her organization's existing SIEM tool. Security monitoring should be an ongoing process therefore she should continue to define use cases and alerts in order to have a better understanding of the network traffic activity and usage over time.

Multiple grammatical errors:
 Bob's public cloud
When it comes to logging, as a public cloud provider, Bob is interested in logging both for situational awareness as well as compliance. That is, compliance that Bob as a provider is subject to as well as his ability to provide timely and relevant logs or reports on the behalf of his customers for their compliance audits. With that in mind, Bob configures all of his instances, nodes, and infrastructure devices to perform time synchronization with an external, known good time device. Additionally, Bob's team has built a Django based web applications for his customers to perform self-service log retrieval from Bob's SIEM tool. Bob also uses this SIEM tool along with a robust set of alerts and integration with his CMDB to provide operational awareness to both customers and cloud administrators.

Proposed revision:
When it comes to logging, as a public cloud provider, Bob is interested in the activities for situational awareness as well as compliance. In the aspect of compliance, as a provider, Bob is subject to adherence to various rules and regulations to include activities such as providing timely, relevant logs or reports to customers to meet the requirements of their compliance programs. With that in mind, Bob configures all of his instances, nodes, and infrastructure devices to perform time synchronization with an external, validated time device. Additionally, Bob's team has built a Django based web application for his customers to perform self-service log retrieval from the SIEM tool. Bob also uses this SIEM tool along with a robust set of alerts and integration with his CMDB to provide operational awareness to both customers and cloud administrators.

-----------------------------------
Built: 2014-07-16T20:01:44 00:00
git SHA: 4076a42a4d4ad0e45b585c19e4d3174f81b3d591
URL: http://docs.openstack.org/security-guide/content/case-studies-monitoring-and-logging.html
source File: file:/home/jenkins/workspace/security-doc-tox-doc-publishdocs/security-guide/ch_case-studies-monitoring-and-logging.xml
xml:id: case-studies-monitoring-and-logging

Tags: sec-guide
Bryan D. Payne (bdpayne)
Changed in openstack-manuals:
status: New → Confirmed
importance: Undecided → Medium
Changed in openstack-manuals:
assignee: nobody → Shellee Arnold (shellee-arnold)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to security-doc (master)

Fix proposed to branch: master
Review: https://review.openstack.org/114810

Changed in openstack-manuals:
status: Confirmed → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to security-doc (master)

Reviewed: https://review.openstack.org/114810
Committed: https://git.openstack.org/cgit/openstack/security-doc/commit/?id=bcc81ed4ac2f9cc7a08e9cc3888d86a20fbb34b1
Submitter: Jenkins
Branch: master

commit bcc81ed4ac2f9cc7a08e9cc3888d86a20fbb34b1
Author: Shellee Arnold <email address hidden>
Date: Sat Aug 16 23:16:31 2014 -0700

    Patch for multiple grammatical errors

    Fixed multiple grammatical errors in both of the sections, inclusive of rewriting sentences and fixing punctuation errors. Patch 2 issued to fix commit message.

    Closes-Bug: #1342982

    Change-Id: I069aaf6fe6114cf8a5ebaed42bf69e401ac1dda2

Changed in openstack-manuals:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.