Make username of person/account logging in (unsuccessful attempt) (currently in core.log) in audit.log (TSA Security Act UK) #20293
Assignees
Labels
area/audit-log
backlog
kind/requirement
New feature or idea on top of harbor
target/2.13.0
issues that are targeting v2.13.0
Comments
wy65701436
added
kind/requirement
9 tasks
|
add feature in pr #21455 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi there and hoping you're well - For the Telecommunications Security Act (a new set of UK lawful regulations)- we need to please to have the following event within the audit log of Harbor:
Make username of person/account logging in (unsuccessful attempt of login), time/date stamp (currently in core.log, but it's our understanding that core.log content doesn't work with the syslog forwarding function in Harbor, instead the event needs to be in audit.log - so thereby the issue is make unsuccessful login events with username of user, time/date stamp, available to audit.log. (Medium Priority - as the local log does have it - but can't be forwarded to SIEM/SOC).
https://assets.publishing.service.gov.uk/media/6384d09ed3bf7f7eba1f286c/E02781980_Telecommunications_Security_CoP_Accessible.pdf
(Section 5.7, page 43).
Thank you
The text was updated successfully, but these errors were encountered: