Back to bug 1619266
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Lucas Alvares Gomes | 2018-08-20 13:23:03 UTC | Keywords | OtherQA | |
| Whiteboard | upstream_milestone_pike-2 upstream_definition_approved upstream_status_slow-progress | |||
| PnT Account Manager | 2019-02-14 15:03:16 UTC | CC | nyechiel | |
| Daniel Alvarez Sanchez | 2019-02-14 17:40:19 UTC | Target Release | --- | 17.0 (U) |
| CC | dalvarez | |||
| Scott Lewis | 2019-02-14 17:40:26 UTC | Target Release | 17.0 (U) | --- |
| Franck Baudin | 2019-03-19 18:07:24 UTC | Keywords | Triaged | |
| CC | fbaudin | |||
| David Sanz | 2019-04-16 15:52:08 UTC | CC | dsanzmor | |
| Mauro Oddi | 2019-05-20 10:24:01 UTC | CC | moddi | |
| Mauro Oddi | 2019-05-20 10:45:08 UTC | Flags | needinfo?(amuller) | |
| Mauro Oddi | 2019-05-20 10:45:35 UTC | Flags | needinfo?(tfreger) | |
| Toni Freger | 2019-06-13 17:39:37 UTC | CC | atragler | |
| Flags | needinfo?(amuller) needinfo?(tfreger) | needinfo?(atragler) | ||
| Russell Bryant | 2019-07-10 13:18:20 UTC | CC | rbryant | |
| Assaf Muller | 2019-08-20 14:40:29 UTC | Summary | [RFE] Security Groups Logging | [RFE] [OVN] Security Groups Logging |
| PnT Account Manager | 2019-12-13 22:30:43 UTC | CC | yohmura | |
| PnT Account Manager | 2020-02-27 22:28:48 UTC | CC | yaskobay | |
| Anita Tragler | 2020-08-11 20:06:42 UTC | Priority | low | high |
| Flags | needinfo?(atragler) | |||
| Severity | low | medium | ||
| Ibra | 2020-08-12 00:26:17 UTC | CC | indoye | |
| ffernand | 2020-08-12 18:53:39 UTC | CC | ffernand | |
| ffernand | 2020-09-11 10:09:51 UTC | Assignee | amuller | ffernand |
| Anita Tragler | 2020-09-22 13:11:26 UTC | Version | 14.0 (Rocky) | 16.2 (Train) |
| Target Milestone | --- | ga | ||
| Anita Tragler | 2020-09-28 17:05:17 UTC | Blocks | 1883298 | |
| PnT Account Manager | 2020-11-13 23:18:26 UTC | CC | indoye | |
| nlevinki | 2020-12-16 07:56:54 UTC | CC | nlevinki | |
| Jakub Libosvar | 2021-01-20 14:32:00 UTC | Link ID | OpenStack gerrit 768129 | |
| Jakub Libosvar | 2021-01-20 14:33:05 UTC | Status | NEW | ON_DEV |
| Target Milestone | ga | Alpha | ||
| Jakub Libosvar | 2021-01-20 14:49:32 UTC | Target Milestone | Alpha | rc |
| ffernand | 2021-02-05 11:20:42 UTC | Link ID | Launchpad 1914757 | |
| Greg Procunier | 2021-02-09 15:48:27 UTC | CC | gprocuni | |
| ffernand | 2021-02-11 16:13:33 UTC | Fixed In Version | python-ovsdbapp-0.17.5-2.20210210100211.el8ost | |
| ffernand | 2021-02-12 16:46:55 UTC | Status | ON_DEV | POST |
| ffernand | 2021-02-12 23:36:57 UTC | Link ID | OpenStack gerrit 774460 | |
| Fixed In Version | python-ovsdbapp-0.17.5-2.20210210100211.el8ost | python-ovsdbapp-0.17.5-2.20210210100211.el8ost python-networking-ovn-7.3.1-2.20210212165008.el8ost.src.rpm | ||
| ffernand | 2021-02-25 11:12:45 UTC | Link ID | OpenStack gerrit 777567 | |
| ffernand | 2021-03-02 19:57:39 UTC | Fixed In Version | python-ovsdbapp-0.17.5-2.20210210100211.el8ost python-networking-ovn-7.3.1-2.20210212165008.el8ost.src.rpm | python-ovsdbapp-0.17.5-2.20210210100211.el8ost python-networking-ovn-7.3.1-2.20210212165008.el8ost.src.rpm openstack-tripleo-heat-templates-11.4.1-2.20210301084955.el8ost.src.rpm |
| ffernand | 2021-03-02 22:42:45 UTC | Blocks | 1934310 | |
| Mike Burns | 2021-03-09 15:21:31 UTC | CC | spower | |
| Target Milestone | rc | Alpha | ||
| CC | mburns | |||
| RHEL Program Management | 2021-03-09 19:13:30 UTC | Target Release | --- | 16.2 (Train on RHEL 8.4) |
| ffernand | 2021-03-09 20:09:14 UTC | Fixed In Version | python-ovsdbapp-0.17.5-2.20210210100211.el8ost python-networking-ovn-7.3.1-2.20210212165008.el8ost.src.rpm openstack-tripleo-heat-templates-11.4.1-2.20210301084955.el8ost.src.rpm | python-ovsdbapp-0.17.5-2.20210210100211.el8ost openstack-tripleo-heat-templates-11.4.1-2.20210309155045.eafc63b.el8ost |
| ffernand | 2021-03-09 20:24:32 UTC | Status | POST | MODIFIED |
| Fixed In Version | python-ovsdbapp-0.17.5-2.20210210100211.el8ost openstack-tripleo-heat-templates-11.4.1-2.20210309155045.eafc63b.el8ost | python-ovsdbapp-0.17.5-2.20210210100211.el8ost python-networking-ovn-7.3.1-2.20210309155035.28fe673.el8ost openstack-tripleo-heat-templates-11.4.1-2.20210309155045.eafc63b.el8ost | ||
| errata-xmlrpc | 2021-03-12 10:18:55 UTC | Status | MODIFIED | ON_QA |
| Greg Rakauskas | 2021-05-07 18:57:31 UTC | CC | gregraka | |
| Eran Kuris | 2021-05-24 06:24:10 UTC | Flags | needinfo?(atragler) | |
| Red Hat Bugzilla | 2021-05-30 14:50:46 UTC | CC | chrisw | |
| Lucas Alvares Gomes | 2021-06-01 14:47:03 UTC | Keywords | TechPreview | |
| Jeff Fearn 🐞 | 2021-06-03 12:23:55 UTC | CC | chrisw | |
| Assaf Muller | 2021-06-15 17:24:51 UTC | CC | amuller | |
| Eran Kuris | 2021-06-17 09:37:43 UTC | QA Contact | ekuris | akatz |
| James Smith | 2021-07-06 20:17:34 UTC | Status | ON_QA | CLOSED |
| CC | jamsmith | |||
| Resolution | --- | WONTFIX | ||
| Last Closed | 2021-07-06 20:17:34 UTC | |||
| Eran Kuris | 2021-07-07 08:00:30 UTC | Status | CLOSED | ON_QA |
| CC | ekuris | |||
| Resolution | WONTFIX | --- | ||
| Keywords | Reopened | |||
| Greg Rakauskas | 2021-07-28 18:16:08 UTC | CC | ffernand, gregraka | |
| Doc Text | In Red Hat OpenStack Platform 16.2 a technology preview is available for ML2/OVN support for network logging, based on security groups. Unlike ML2/OVS, the driver for this functionality leverages the ML2/OVN northbound database to manage affected security group rules, and there is no need for an agent. You can use this network log data for a variety of purposes such as defending against cyber attacks, or for generalized auditing, troubleshooting, and monitoring. | |||
| Doc Type | Enhancement | Technology Preview | ||
| Greg Rakauskas | 2021-07-28 18:16:27 UTC | CC | gregraka | |
| Target Milestone | Alpha | beta | ||
| Greg Rakauskas | 2021-07-28 18:23:03 UTC | CC | akatz | |
| Target Milestone | beta | Alpha | ||
| Flags | needinfo?(akatz) | |||
| Greg Rakauskas | 2021-07-28 18:51:17 UTC | Doc Text | In Red Hat OpenStack Platform 16.2 a technology preview is available for ML2/OVN support for network logging, based on security groups. Unlike ML2/OVS, the driver for this functionality leverages the ML2/OVN northbound database to manage affected security group rules, and there is no need for an agent. You can use this network log data for a variety of purposes such as defending against cyber attacks, or for generalized auditing, troubleshooting, and monitoring. | A technology preview is available for network logging based on security groups for the the Modular Layer 2 plug-in with the Open Virtual Network mechanism driver (ML2/OVN). Unlike ML2/OVS, the driver for this functionality leverages the ML2/OVN northbound database to manage affected security group rules, and there is no need for an agent. You can use this network log data for a variety of purposes such as defending against cyber attacks, or for generalized auditing, troubleshooting, and monitoring. |
| Alex Katz | 2021-07-28 19:00:21 UTC | Flags | needinfo?(akatz) | |
| Red Hat Bugzilla | 2021-08-01 22:27:11 UTC | CC | pmorey | |
| Alex Katz | 2021-08-05 10:50:15 UTC | Depends On | 1990357 | |
| Alex Katz | 2021-08-05 10:51:07 UTC | Depends On | 1990279 | |
| Alex Katz | 2021-08-05 10:52:07 UTC | Depends On | 1988833 | |
| Alex Katz | 2021-08-05 10:52:55 UTC | Depends On | 1988837 | |
| Alex Katz | 2021-08-05 10:55:33 UTC | Depends On | 1939524 | |
| Alex Katz | 2021-08-05 10:57:33 UTC | Depends On | 1990375 | |
| Alex Katz | 2021-08-05 10:57:42 UTC | Depends On | 1988793 | |
| Maor | 2021-08-05 12:28:15 UTC | Depends On | 1990441 | |
| Alex Katz | 2021-08-05 15:31:36 UTC | Depends On | 1990534 | |
| Alex Katz | 2021-08-09 08:57:05 UTC | Status | ON_QA | ASSIGNED |
| Eran Kuris | 2021-08-11 13:18:05 UTC | Depends On | 1992641 | |
| James Smith | 2021-09-02 16:09:27 UTC | Doc Type | Technology Preview | If docs needed, set a value |
| Doc Text | A technology preview is available for network logging based on security groups for the the Modular Layer 2 plug-in with the Open Virtual Network mechanism driver (ML2/OVN). Unlike ML2/OVS, the driver for this functionality leverages the ML2/OVN northbound database to manage affected security group rules, and there is no need for an agent. You can use this network log data for a variety of purposes such as defending against cyber attacks, or for generalized auditing, troubleshooting, and monitoring. | |||
| James Smith | 2021-09-09 21:03:33 UTC | Flags | needinfo?(tvignaud) | |
| CC | tvignaud | |||
| James Smith | 2021-09-09 21:04:39 UTC | CC | ksambor | |
| Flags | needinfo?(ksambor) | |||
| Kamil Sambor | 2021-09-14 08:46:47 UTC | Assignee | ffernand | ksambor |
| Flags | needinfo?(ksambor) | |||
| Matteo Panella | 2021-09-22 10:04:50 UTC | CC | matteo.panella | |
| Thierry Vignaud | 2021-10-13 11:43:29 UTC | Flags | needinfo?(tvignaud) | |
| Franck Baudin | 2021-10-19 11:55:18 UTC | CC | ekuris | |
| Eran Kuris | 2021-10-19 12:04:01 UTC | CC | ekuris | |
| Eran Kuris | 2021-10-28 12:58:49 UTC | Target Milestone | Alpha | z2 |
| Lucas Alvares Gomes | 2021-11-02 09:32:51 UTC | Version | 16.2 (Train) | 17.0 (Wallaby) |
| Target Milestone | z2 | z1 | ||
| RHEL Program Management | 2021-11-02 09:33:01 UTC | Target Release | 16.2 (Train on RHEL 8.4) | --- |
| Luigi Tamagnone | 2021-11-02 13:47:01 UTC | CC | ltamagno | |
| Eran Kuris | 2021-11-10 14:51:27 UTC | Version | 17.0 (Wallaby) | 17.1(Wallaby) |
| Target Milestone | z1 | ga | ||
| Red Hat One Jira (issues.redhat.com) | 2021-11-10 14:54:34 UTC | Link ID | Red Hat Issue Tracker OSP-1399 | |
| Gianni Salinetti | 2021-11-24 15:14:02 UTC | CC | gsalinet | |
| Elvira | 2021-11-25 10:08:19 UTC | CC | egarciar | |
| Assignee | ksambor | egarciar | ||
| Red Hat Bugzilla | 2021-12-01 03:44:55 UTC | CC | ksambor | |
| Slawek Kaplonski | 2021-12-06 08:18:16 UTC | Depends On | 2029310 | |
| Elvira | 2021-12-10 15:56:47 UTC | Depends On | 2031150 | |
| Riccardo Bruzzone | 2022-01-25 08:55:27 UTC | CC | rbruzzon | |
| Flags | needinfo?(egarciar) | |||
| Elvira | 2022-01-26 14:58:32 UTC | Flags | needinfo?(egarciar) | |
| Anita Tragler | 2022-02-03 05:28:04 UTC | Flags | needinfo?(atragler) | |
| RHEL Program Management | 2022-02-03 05:28:12 UTC | Target Release | --- | 17.0 |
| Riccardo Bruzzone | 2022-02-09 12:49:33 UTC | Flags | needinfo?(egarciar) | |
| Elvira | 2022-02-10 13:09:45 UTC | Flags | needinfo?(egarciar) | |
| Elvira | 2022-02-10 13:10:15 UTC | Status | ASSIGNED | ON_DEV |
| Red Hat Bugzilla | 2022-02-22 05:40:57 UTC | CC | atragler | |
| Chris Janiszewski | 2022-03-01 16:05:50 UTC | CC | cjanisze | |
| Riccardo Bruzzone | 2022-03-07 09:10:46 UTC | Flags | needinfo?(egarciar) | |
| Elvira | 2022-03-07 18:50:36 UTC | Flags | needinfo?(egarciar) | |
| Bernard Cafarelli | 2022-03-08 10:04:03 UTC | CC | bcafarel | |
| David Hill | 2022-03-09 14:19:02 UTC | CC | dhill | |
| Link ID | Red Hat Knowledge Base (Solution) 6804041 | |||
| Maor | 2022-03-13 14:56:41 UTC | CC | mblue | |
| Alberto Rivera Laporte | 2022-04-05 14:49:36 UTC | CC | ariveral | |
| Mark Michelson | 2022-04-08 14:37:26 UTC | Depends On | 2073462 | |
| Franck Baudin | 2022-04-14 07:32:28 UTC | CC | fbaudin | |
| RHEL Program Management | 2022-07-26 10:35:17 UTC | Target Release | 17.0 | --- |
| Elvira | 2022-09-15 08:53:41 UTC | Status | ON_DEV | MODIFIED |
| Gurpreet Singh | 2022-10-04 21:21:30 UTC | Target Release | --- | 17.1 |
| CC | gurpsing | |||
| RHEL Program Management | 2022-10-04 21:21:46 UTC | Target Release | 17.1 | --- |
| RHEL Program Management | 2022-10-10 08:03:02 UTC | Target Release | --- | 17.1 |
| Miguel Garcia | 2022-11-29 15:27:34 UTC | Flags | needinfo?(egarciar) | |
| Red Hat Bugzilla | 2022-12-06 22:13:54 UTC | CC | akatz | |
| QA Contact | akatz | ekuris | ||
| Elvira | 2022-12-13 11:32:05 UTC | Depends On | 2152877 | |
| Elvira | 2022-12-13 15:52:38 UTC | Flags | needinfo?(egarciar) | |
| Fixed In Version | python-ovsdbapp-0.17.5-2.20210210100211.el8ost python-networking-ovn-7.3.1-2.20210309155035.28fe673.el8ost openstack-tripleo-heat-templates-11.4.1-2.20210309155045.eafc63b.el8ost | python-ovsdbapp-0.17.5-2.20210210100211.el8ost openstack-neutron-18.6.1-1.20221208163914.d76107b.el8ost openstack-tripleo-heat-templates-14.3.1-1.20221029013725.36d0e18.el8ost puppet-neutron-18.5.1-1.20220728031200.9a9bdac.el8ost | ||
| Mikey Ariel | 2023-01-02 15:48:49 UTC | CC | mariel | |
| Eran Kuris | 2023-01-03 15:01:29 UTC | QA Contact | ekuris | mblue |
| Lon Hohberger | 2023-02-13 20:26:34 UTC | Fixed In Version | python-ovsdbapp-0.17.5-2.20210210100211.el8ost openstack-neutron-18.6.1-1.20221208163914.d76107b.el8ost openstack-tripleo-heat-templates-14.3.1-1.20221029013725.36d0e18.el8ost puppet-neutron-18.5.1-1.20220728031200.9a9bdac.el8ost | python-ovsdbapp-0.17.5-2.20210210100211.el8ost openstack-neutron-18.6.1-1.20221208163914.d76107b.el8ost openstack-tripleo-heat-templates-14.3.1-1.20221029013725.36d0e18.el8ost puppet-neutron-18.5.1-1.20220728031200.9a9bdac.el8ost python-networking-ovn-7.4.2-2.20210601204825.el8ost.11 |
| Elvira | 2023-03-21 16:46:27 UTC | Fixed In Version | python-ovsdbapp-0.17.5-2.20210210100211.el8ost openstack-neutron-18.6.1-1.20221208163914.d76107b.el8ost openstack-tripleo-heat-templates-14.3.1-1.20221029013725.36d0e18.el8ost puppet-neutron-18.5.1-1.20220728031200.9a9bdac.el8ost python-networking-ovn-7.4.2-2.20210601204825.el8ost.11 | python-ovsdbapp-0.17.5-2.20210210100211.el8ost openstack-neutron-18.6.1-1.20230206163818.b53c5e7.el8ost openstack-tripleo-heat-templates-14.3.1-1.20221029013725.36d0e18.el8ost puppet-neutron-18.5.1-1.20220728031200.9a9bdac.el8ost |
| Elvira | 2023-03-21 16:46:51 UTC | Status | MODIFIED | ON_QA |
| Jon Schlueter | 2023-03-21 18:31:41 UTC | CC | jschluet | |
| Status | ON_QA | MODIFIED | ||
| Jon Schlueter | 2023-03-21 18:32:38 UTC | CC | scohen | |
| Component | python-networking-ovn | openstack-neutron | ||
| Miguel Garcia | 2023-03-22 09:24:52 UTC | Flags | needinfo?(egarciar) | |
| Elvira | 2023-03-22 11:27:51 UTC | Flags | needinfo?(egarciar) | |
| Fixed In Version | python-ovsdbapp-0.17.5-2.20210210100211.el8ost openstack-neutron-18.6.1-1.20230206163818.b53c5e7.el8ost openstack-tripleo-heat-templates-14.3.1-1.20221029013725.36d0e18.el8ost puppet-neutron-18.5.1-1.20220728031200.9a9bdac.el8ost | python-ovsdbapp-1.9.3-1.20220727203213.f804411.el9ost openstack-neutron-18.6.1-1.20230206160927.b53c5e7.el9ost openstack-tripleo-heat-templates-14.3.1-1.20221205221200.957cb5d.el9ost puppet-neutron-18.5.1-1.20220831001111.181975c.el9ost | ||
| errata-xmlrpc | 2023-03-22 13:01:56 UTC | Status | MODIFIED | ON_QA |
| Maor | 2023-03-23 23:47:05 UTC | Depends On | 2181381 | |
| Eran Kuris | 2023-03-26 06:40:21 UTC | Depends On | 2181805 | |
| Eran Kuris | 2023-03-30 11:10:38 UTC | Depends On | 2178618 | |
| Red Hat Bugzilla | 2023-05-15 22:13:44 UTC | CC | moddi | |
| Maor | 2023-05-22 07:36:59 UTC | Depends On | 2208552 | |
| Andy Stillman | 2023-05-26 12:37:59 UTC | Flags | needinfo?(egarciar) | |
| Elvira | 2023-05-26 15:41:40 UTC | Doc Text | Security group logging is a new feature released starting 17.1. It allows the monitoring of networking packets flowing through ports associated to one or several security groups. It works for both stateful and stateless security groups. The logging of the packets is stored on the ovn-controller log of the different compute nodes, where the server are located in. Details on how to configure this feature will be available in the Red Hat Openstack 17.1 manual. | |
| Flags | needinfo?(egarciar) | |||
| Doc Type | If docs needed, set a value | Enhancement | ||
| James Smith | 2023-05-26 17:26:54 UTC | Doc Text | Security group logging is a new feature released starting 17.1. It allows the monitoring of networking packets flowing through ports associated to one or several security groups. It works for both stateful and stateless security groups. The logging of the packets is stored on the ovn-controller log of the different compute nodes, where the server are located in. Details on how to configure this feature will be available in the Red Hat Openstack 17.1 manual. | This update introduces the security group logging feature. To monitor traffic flows and attempts into and out of a virtual machine instance, you can configure the Networking Service packet logging for security groups. + You can associate any virtual machine instance port with one or more security groups and define one or more rules for each security group. For instance, you can create a rule to drop inbound ssh traffic to any virtual machine in the finance security group. You can create another rule in to allow virtual machines in that group to send and respond to ICMP (ping) messages. + Then you can configure packet logging to record combinations of accepted and dropped packet flows. + You can use security group logging for both stateful and stateless security groups. + Logged events are stored in the ovn-controller log of the compute nodes that host the virtual machine instances. |
| Denise Hughes | 2023-06-05 16:50:28 UTC | Keywords | TechPreview | |
| CC | dhughes | |||
| Paul Grist | 2023-06-05 16:58:51 UTC | CC | pgrist | |
| Maor | 2023-06-06 17:16:40 UTC | Depends On | 2212952 | |
| Maor | 2023-06-06 18:42:53 UTC | Status | ON_QA | VERIFIED |
| Eran Kuris | 2023-06-07 07:40:02 UTC | Depends On | 2213126 | |
| James Smith | 2023-06-14 02:21:48 UTC | Doc Text | This update introduces the security group logging feature. To monitor traffic flows and attempts into and out of a virtual machine instance, you can configure the Networking Service packet logging for security groups. + You can associate any virtual machine instance port with one or more security groups and define one or more rules for each security group. For instance, you can create a rule to drop inbound ssh traffic to any virtual machine in the finance security group. You can create another rule in to allow virtual machines in that group to send and respond to ICMP (ping) messages. + Then you can configure packet logging to record combinations of accepted and dropped packet flows. + You can use security group logging for both stateful and stateless security groups. + Logged events are stored in the ovn-controller log of the compute nodes that host the virtual machine instances. | This update introduces the security group logging feature. To monitor traffic flows and attempts into and out of a virtual machine instance, you can configure the Networking Service packet logging for security groups. + You can associate any virtual machine instance port with one or more security groups and define one or more rules for each security group. For instance, you can create a rule to drop inbound ssh traffic to any virtual machine in the finance security group. You can create another rule to allow virtual machines in that group to send and respond to ICMP (ping) messages. + Then you can configure packet logging to record combinations of accepted and dropped packet flows. + You can use security group logging for both stateful and stateless security groups. + Logged events are stored in the ovn-controller log of the compute nodes that host the virtual machine instances. |
| James Smith | 2023-06-14 16:57:35 UTC | Doc Text | This update introduces the security group logging feature. To monitor traffic flows and attempts into and out of a virtual machine instance, you can configure the Networking Service packet logging for security groups. + You can associate any virtual machine instance port with one or more security groups and define one or more rules for each security group. For instance, you can create a rule to drop inbound ssh traffic to any virtual machine in the finance security group. You can create another rule to allow virtual machines in that group to send and respond to ICMP (ping) messages. + Then you can configure packet logging to record combinations of accepted and dropped packet flows. + You can use security group logging for both stateful and stateless security groups. + Logged events are stored in the ovn-controller log of the compute nodes that host the virtual machine instances. | This update introduces the security group logging feature. To monitor traffic flows and attempts into and out of a virtual machine instance, you can configure the Networking Service packet logging for security groups. + You can associate any virtual machine instance port with one or more security groups and define one or more rules for each security group. For instance, you can create a rule to drop inbound ssh traffic to any virtual machine in the finance security group. You can create another rule to allow virtual machines in that group to send and respond to ICMP (ping) messages. + Then you can configure packet logging to record combinations of accepted and dropped packet flows. + You can use security group logging for both stateful and stateless security groups. + Logged events are stored on the compute nodes that host the virtual machine instances, in the file `/var/log/containers/stdouts/ovn_controller.log`. |
| Gurpreet Singh | 2023-07-11 22:00:11 UTC | Flags | needinfo?(egarciar) | |
| Elvira | 2023-07-12 07:29:39 UTC | Flags | needinfo?(egarciar) | |
| Ian Frangs | 2023-08-11 10:49:35 UTC | CC | ifrangs | |
| Doc Text | This update introduces the security group logging feature. To monitor traffic flows and attempts into and out of a virtual machine instance, you can configure the Networking Service packet logging for security groups. + You can associate any virtual machine instance port with one or more security groups and define one or more rules for each security group. For instance, you can create a rule to drop inbound ssh traffic to any virtual machine in the finance security group. You can create another rule to allow virtual machines in that group to send and respond to ICMP (ping) messages. + Then you can configure packet logging to record combinations of accepted and dropped packet flows. + You can use security group logging for both stateful and stateless security groups. + Logged events are stored on the compute nodes that host the virtual machine instances, in the file `/var/log/containers/stdouts/ovn_controller.log`. | This update introduces the security group logging feature. To monitor traffic flows and attempts into and out of a virtual machine instance, you can configure the Networking Service packet logging for security groups. + You can associate any virtual machine instance port with one or more security groups and define one or more rules for each security group. For instance, you can create a rule to drop inbound ssh traffic to any virtual machine in the finance security group. You can create another rule to allow virtual machines in that group to send and respond to ICMP (ping) messages. + Then you can configure packet logging to record combinations of accepted and dropped packet flows. + You can use security group logging for both stateful and stateless security groups. + Logged events are stored on the Compute nodes that host the virtual machine instances, in the file `/var/log/containers/stdouts/ovn_controller.log`. |
||
| Ian Frangs | 2023-08-11 12:47:44 UTC | Doc Text | This update introduces the security group logging feature. To monitor traffic flows and attempts into and out of a virtual machine instance, you can configure the Networking Service packet logging for security groups. + You can associate any virtual machine instance port with one or more security groups and define one or more rules for each security group. For instance, you can create a rule to drop inbound ssh traffic to any virtual machine in the finance security group. You can create another rule to allow virtual machines in that group to send and respond to ICMP (ping) messages. + Then you can configure packet logging to record combinations of accepted and dropped packet flows. + You can use security group logging for both stateful and stateless security groups. + Logged events are stored on the Compute nodes that host the virtual machine instances, in the file `/var/log/containers/stdouts/ovn_controller.log`. | This update introduces the security group logging feature. To monitor traffic flows and attempts into and out of an instance, you can configure the Networking Service packet logging for security groups. + You can associate any instance port with one or more security groups and define one or more rules for each security group. For instance, you can create a rule to drop inbound ssh traffic to any instance in the finance security group. You can create another rule to allow instances in that group to send and respond to ICMP (ping) messages. + Then you can configure packet logging to record combinations of accepted and dropped packet flows. + You can use security group logging for both stateful and stateless security groups. + Logged events are stored on the Compute nodes that host the instances, in the file `/var/log/containers/stdouts/ovn_controller.log`. |
| Ian Frangs | 2023-08-11 16:13:17 UTC | CC | ifrangs | |
| errata-xmlrpc | 2023-08-16 00:01:44 UTC | Status | VERIFIED | RELEASE_PENDING |
| errata-xmlrpc | 2023-08-16 01:09:22 UTC | Resolution | --- | ERRATA |
| Status | RELEASE_PENDING | CLOSED | ||
| Last Closed | 2021-07-06 20:17:34 UTC | 2023-08-16 01:09:22 UTC |
Back to bug 1619266