Introduction
Background information is available at:
It is expected that the working group will work on two different areas:
- Software: ensure there is enough traceability on the SE and that our services use standard logging mechanisms (syslog)
- Operations: provide recommendations aimed at the sites to help them fulfill the logging and traceability policy requirements, in particular on the WN and UI
A more detailed work plan will be provided once the working group is formed.
As far as communication is concerned:
- The working group will coordinate via a mailing list
- Remote and possibly face-to-face meetings (e.g. pre-GDB) will also be organised
- Regular status reports will be provided via the GDB
Questionnaire for the different software areas
All questions are in the context of activities that involve identifiable client (a person, a device, a service etc):
- How do you record activities?
- syslog
- database
- other (expand)
- no record is kept
- What is recorded?
- person's DN
- IP address (for connection source and/or destination)
- time stamp
- nature of activity (e.g. put/get, query etc)
- other (expand)
- How is the record formatted?
- Where is the record kept?
- specific local catalog
- specific server (local or remote) (e.g. remote syslog)
- What is access control on the record?
- Unix ACL
- authorisation by credentials
- other (expand)
- none
- Are there multiple records?
- If they are of different kinds, fill out a separate questionnaire for each.
Contact
wlcg-security-tracebility-wg@cernNOSPAMPLEASE.ch
Meetings
https://indico.cern.ch/categoryDisplay.py?categId=4392
Set ALLOWWEBCHANGE =
TWikiRegistrationAgent,
RomainWartel