Initial splunk exploration for non-prod - Githubissues

HHS / OPRE-OPS

ACF's OPRE OPS product. Code name Unicorn.

Other

12 stars 3 forks source link

Initial splunk exploration for non-prod #2647

Open jonnalley opened 3 months ago

jonnalley commented 3 months ago

Goals

Get non-production OPS environments logging some (not all) key logging telemetry into the ACF Tech non-prod Splunk environment
Experiment with and build infrastructure to support this in a secure way
Update documentation/ADRs as necessary

Tasks

[x] Create LUP service principal for Azure Splunk plugin and securely store credential info
[x] Test out necessary telemetry from LAW and/or ACA
[x] Communicate necessary Azure Database KQL to ACF Tech contacts
[ ] Acquire ACF Tech's validation on Azure Database telemetry from the KQL
[ ] Test out Azure App Gateway telemetry

Additional Context

Required for ATO
This is just an initial path to walk down for non-production. The same thing will need to be done for production once all this is buttoned up

Resources

jonnalley commented 3 weeks ago

waiting on ACF Tech