GSA/devsecops-log-forwarding

Name: devsecops-log-forwarding

Owner: U.S. General Services Administration

Description: WORK IN PROGRESS

Created: 2018-01-23 16:04:13.0

Updated: 2018-01-24 21:53:42.0

Pushed: 2018-01-26 19:51:11.0

Homepage:

Size: 66

Language: HCL

README

DevSecOps Log Forwarding infrastructure

This is a Terraform module that creates infrastructure for collecting and forwarding logs. The module creates an autoscaling fluentd cluster in Amazon Web Services (AWS).

GSA needs this because logs must be forwarded to our security team for compliance and incident response reasons, as well as to whatever logging system the team is using. It can be tricky to configure multiple logging endpoints for the syslog agents on every instance; with this module, changes to the forwarding are made in one place.

For the “tenant's logging system”, we recommend our EKK stack.

Development
  1. Install dependencies.

    • Python 3.2+
    • Pipenv
    • Terraform
  2. From the root of the repository, install Python dependencies.

    ```sh
    pipenv install
    pipenv shell
    ```

Note that in some cases, you may have to force pipenv to use python 3.6:

```sh
pipenv --python 3.6 install
pipenv --python 3.6 shell
```
  3. Configure AWS credentials.

  4. Set up test infrastructure.

    ```sh
    cd test
    terraform init
    terraform apply
    ```
  5. Run tests.

    ```sh
    python3 test.py
    ```

This work is supported by the National Institutes of Health's National Center for Advancing Translational Sciences, Grant Number U24TR002306. This work is solely the responsibility of the creators and does not necessarily represent the official views of the National Institutes of Health.