Multiple grammatical errors - Chapter 46. Case studies: monitoring and logging in OpenStack Security Guide - current
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openstack-manuals |
Fix Released
|
Medium
|
Shellee Aragon |
Bug Description
Redundant use of conjunctions and lack of apostrophe indicating ownership in the first sentence:
Alice's private cloud
In the private cloud, Alice has a better understanding of the tenants requirements and accordingly can add appropriate oversight and compliance on monitoring and logging. Alice should identify critical services and data and ensure that logging is turned at least on those services and is being aggregated to a central log server. She should start with simple and known use cases and implement correlation and alerting to limit the number of false positives. To implement correlation and alerting, she sends the log data to her organization's existing SIEM tool. Security monitoring should be an ongoing process and she should continue to define use cases and alerts as she has better understanding of the network traffic activity and usage over time.
Proposed Revision:
In the private cloud, Alice has a better understanding of the tenants’ requirements thus she has the ability to add appropriate oversight, actively enforcing compliance for monitoring and logging activities. Alice should identify critical services and data to verify that logging is turned on for each of the services while ensuring the information is being aggregated to a central log server. She should start with simple, known use cases then implement correlation and alerting to limit the number of false positives. To implement correlation and alerting, she sends the log data to her organization's existing SIEM tool. Security monitoring should be an ongoing process therefore she should continue to define use cases and alerts in order to have a better understanding of the network traffic activity and usage over time.
Multiple grammatical errors:
Bob's public cloud
When it comes to logging, as a public cloud provider, Bob is interested in logging both for situational awareness as well as compliance. That is, compliance that Bob as a provider is subject to as well as his ability to provide timely and relevant logs or reports on the behalf of his customers for their compliance audits. With that in mind, Bob configures all of his instances, nodes, and infrastructure devices to perform time synchronization with an external, known good time device. Additionally, Bob's team has built a Django based web applications for his customers to perform self-service log retrieval from Bob's SIEM tool. Bob also uses this SIEM tool along with a robust set of alerts and integration with his CMDB to provide operational awareness to both customers and cloud administrators.
Proposed revision:
When it comes to logging, as a public cloud provider, Bob is interested in the activities for situational awareness as well as compliance. In the aspect of compliance, as a provider, Bob is subject to adherence to various rules and regulations to include activities such as providing timely, relevant logs or reports to customers to meet the requirements of their compliance programs. With that in mind, Bob configures all of his instances, nodes, and infrastructure devices to perform time synchronization with an external, validated time device. Additionally, Bob's team has built a Django based web application for his customers to perform self-service log retrieval from the SIEM tool. Bob also uses this SIEM tool along with a robust set of alerts and integration with his CMDB to provide operational awareness to both customers and cloud administrators.
-------
Built: 2014-07-16T20:01:44 00:00
git SHA: 4076a42a4d4ad0e
URL: http://
source File: file:/home/
xml:id: case-studies-
Changed in openstack-manuals: | |
status: | New → Confirmed |
importance: | Undecided → Medium |
Changed in openstack-manuals: | |
assignee: | nobody → Shellee Arnold (shellee-arnold) |
Fix proposed to branch: master /review. openstack. org/114810
Review: https:/