PCI-DSS Events Notification Reason Field

Registered by Tin Lam on 2016-10-03

Currently, events triggered by PCI-DSS compliance, e.g. a user is locked out due to excessive failed login attempts, do not emit notifications that can be audited easily. This blueprint proposes to add a reason field to the CADF notifications from these PCI-DSS events.

Blueprint information

Status:
Complete
Approver:
Steve Martinelli
Priority:
Medium
Drafter:
Tin Lam
Direction:
Approved
Assignee:
Gage Hugo
Definition:
Approved
Series goal:
Accepted for ocata
Implementation:
Implemented
Milestone target:
milestone icon ocata-3
Started by
Steve Martinelli on 2016-11-18
Completed by
Steve Martinelli on 2016-12-21

Related branches

Sprints

Whiteboard

Gerrit Spec: https://review.openstack.org/#/c/381302/

Gerrit topic: https://review.openstack.org/#q,topic:bp/pci-dss-notifications,n,z

Addressed by: https://review.openstack.org/396752
    WIP - Add reason to notification payload

Addressed by: https://review.openstack.org/400882
    Add reason to CADF notifications in docs

Addressed by: https://review.openstack.org/413822
    Remove unused exceptions from CADF notifications

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.