Closed smjmoj closed 5 months ago
I have created a spreadsheet that can help track the identification and testing of the requirements from the SOC team. I will spend some time with the team so that we can determine which ones are obtainable and those that are not. Some may require additional software or settings for intrusion data capturing detection, and perhaps time synchronisation in case we don't have such already.
Spreadsheet - https://docs.google.com/spreadsheets/d/1pCzXCJm0e3YRopI36sNX9P09VNX2f9Cx5McFM-_EWZ8/edit?usp=sharing
Running DHCP server locally is giving errors:
failed to solve: process "/bin/sh -c apk add bash curl mysql mysql-client && curl -1sLf 'https://dl.cloudsmith.io/public/isc/kea-2-2/setup.alpine.sh' | bash && apk upgrade && apk add build-base mysql-dev isc-kea-admin isc-kea-perfdhcp isc-kea-dhcp4 isc-kea-ctrl-agent isc-kea-hook-lease-cmds isc-kea-hook-stat-cmds isc-kea-hook-ha && curl -sL https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub -o /etc/apk/keys/sgerrand.rsa.pub && curl -sLO https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VER}/glibc-${GLIBC_VER}.apk && curl -sLO https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VER}/glibc-bin-${GLIBC_VER}.apk && apk add --no-cache glibc-${GLIBC_VER}.apk glibc-bin-${GLIBC_VER}.apk && curl -sL https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip -o awscliv2.zip && unzip awscliv2.zip && aws/install && rm -rf awscliv2.zip aws /usr/local/aws-cli/v2//dist/aws_completer /usr/local/aws-cli/v2//dist/awscli/data/ac.index /usr/local/aws-cli/v2//dist/awscli/examples && rm glibc-${GLIBC_VER}.apk && rm glibc-bin-${GLIBC_VER}.apk && rm -rf /var/cache/apk/" did not complete successfully: exit code: 8 make: *** [Makefile:41: run] Error 17
Looking into troubleshooting this
I got @smjmoj to run make build on his laptop and it worked. My suspicion is incompatibility with M1 Chip that my Macbook laptop has. Putting the ticket back in the backlog to accomodate other priority tickets in the sprint.
this is now back in the sprint. Will carry on pairing with Sandhya on this
Both myself and Sandy cannot run the make successfully on our Mac. Because of the M1 chip restriction.
Sandy has created an ubuntu poc server in AWS where we were able to run the application and can collaborate.
The DHCP Logs configuration is configured to stdout with a dEBUG level of 99 which is high. https://github.com/ministryofjustice/staff-device-dhcp-server/blob/main/dhcp-service/config_api.json#L51
Below is a generated data of detailed logs tested locally in a development environment according to the requirements.
https://drive.google.com/file/d/1zWeg4voT54DZa2jgc2JdGDKYLbEYZEbD/view?usp=sharing
SOC require enhanced logs from the KIA DHCP server.
Test the Kia configuration according to the recommendation in an isolated environment (preferably on a developers workstation) to validate the improved quality of the logs.
https://www.ncsc.gov.uk/files/NCSC_SOC_Feeds.pdf
Example log configuration:
Acceptance Criteria: