Description
Currently, log files are stored in RAM by default. However, for installations with advanced security requirements, logs should be persistently saved by default.
Proposed Solution
To align with security-by-design and security-by-default principles, logging should be enabled immediately upon deployment. A minimally invasive approach that maintains the current behavior while improving security is proposed:
On first UI access, display a modal asking whether to save logs on persistent storage.
The modal must be acknowledged before it disappears.
Until explicitly answered, the modal will reappear on every UI access (e.g., reopening a closed tab).
Available Choices
Log on installation storage partition (default)
No logging
For cases where an additional storage partition is available, the user can later navigate to the storage settings, disable logging on the current partition, and enable it on the new storage.
Impact & Benefits
Ensures critical logs are not lost due to RAM storage volatility.
Provides users with an informed choice while maintaining security defaults.
Allows for flexible log storage reconfiguration post-installation.
In case of presence of a controller
In case of use of a controller, the admin can link NethSecurity to the controller too, saving logs in both local and remote resources.
This also guarantees that logs are saved in case of connectivity issues (including attack scenarios) that may prevent logs from reaching the controller, resulting in loss of critical data.
Couldn't we disable the option to have logs in RAM?
Yes, it depends on the implementation we are going to use to write all of them in the storage.
We need to make sure that the logs are maintained even after version updates.
If this feature is preserved we can also decide to always write them to the storage.
Proposed solution:
Move the logs inside the storage by default (this can, however, be lost during updates) and then if the Secure Installation Flag is enabled, prompt the user perpetually to enable the storage logs. This will be forced even if the controller logging is enabled.
Due to the shift from logging in the RAM to logging in the storage, this needs to be put in function in a ready to repair system when 8.5 gets released, so that we can verify the impact.