docs/release-notes.rst

   1 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
   2 .. http://creativecommons.org/licenses/by/4.0
   3 .. Copyright 2017 Bell Canada & Amdocs Intellectual Property.  All rights reserved.
   4
   5 .. Links
   6 .. _release-notes-label:
   7
   8 Log Enhancements Release Notes
   9 ==============================
  10 Version: 5.0.1 El Alto Release
  11 ------------------------------
  12 El Alto
  13 -------
  14    - logging-analytics Version: 1.5.1
  15
  16 :Release Date: 2019-10-04
  17
  18 **New Features**
  19       None
  20
  21 **Bug Fixes**
  22    - `LOG-826 <https://jira.onap.org/browse/LOG-826>`_ Vulnerability issue: removed jackson-databind
  23    - `LOG-1060 <https://jira.onap.org/browse/LOG-1060>`_ Vulnerability issue: Logging CLM: fix/address/red-flag jackson-databind-2.8.6 SEC
  24    - `LOG-836 <https://jira.onap.org/browse/LOG-836>`_ Vulnerability issue: glassfish bean-validator-2.4.0-b34.jar SEC
  25    - `LOG-874 <https://jira.onap.org/browse/LOG-874>`_ Vulnerability issue: fix/address/red-flag License org.json:json-20140107.jar
  26
  27 **Known Issues**
  28    - `LOG-1159 <https://jira.onap.org/browse/LOG-1159>`_ Vulnerability issue: logging-analytics version 5.0.9.RELEASE
  29
  30 **Known Security Issues**
  31
  32   - `OJSI-200 <https://jira.onap.org/browse/OJSI-200>`_ Logging exposes unprotected APIs/UIs (CVE-2019-12125)
  33   - `OJSI-155 <https://jira.onap.org/browse/OJSI-155>`_ LOG demo target exposes plain text HTTP endpoint using port 30398
  34   - `OJSI-125 <https://jira.onap.org/browse/OJSI-125>`_ log-es exposes plain text HTTP endpoint using port 30254
  35   - `OJSI-124 <https://jira.onap.org/browse/OJSI-124>`_ log-kibana exposes plain text HTTP endpoint using port 30253
  36   - `LOG-1114 <https://jira.onap.org/browse/LOG-1114>`_ Need for "ReadWriteMany" access on storage when deploying on Kubernetes?
  37
  38 Quick Links:
  39         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
  40
  41         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
  42
  43         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=68541351>`_
  44
  45 **Upgrade Notes**
  46       None
  47
  48 **Deprecation Notes**
  49       None
  50
  51 **Other**
  52       None
  53
  54
  55 POMBA Release Notes
  56 -------------------
  57 POMBA is sub-project of the Logging Enhancements Project.
  58
  59 El Alto
  60 -------
  61    - pomba-audit-common Version: 1.5.1
  62    - pomba-aai-context-builder Version: 1.5.1
  63    - pomba-context-aggregator Version: 1.5.1
  64    - pomba-network-discovery-context-builder Version: 1.5.1
  65    - pomba-sdc-context-builder Version: 1.5.1
  66    - pomba-sdnc-context-builder Version: 1.5.1
  67
  68 :Release Date:  2019-10-04
  69
  70 **New Features**
  71    - None
  72
  73 **Bug Fixes**
  74    - `LOG-826 <https://jira.onap.org/browse/LOG-826>`_ Vulnerability issue: upgraded jackson-databind to version 2.9.9
  75    - `LOG-1067 <https://jira.onap.org/browse/LOG-1067>`_ Vulnerability issue: confirm rather or not commons-codec is needed for logging projects
  76    - `LOG-832 <https://jira.onap.org/browse/LOG-832>`_ Vulnerability issue:  removed jackson-databind-2.4.5.jar from pomba-audit-common
  77    - `LOG-831 <https://jira.onap.org/browse/LOG-831>`_ Vulnerability issue:  pomba-context-aggregator with javax.jms:jms-1.1.jar
  78    - `LOG-1061 <https://jira.onap.org/browse/LOG-1061>`_ Vulnerability issue: POMBA-AUDIT-COMMON fix/address/red-flag jackson-databind-2.4.5
  79    - `LOG-1063 <https://jira.onap.org/browse/LOG-1063>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER: upgraded plexus-utils to version 3.1.0
  80    - `LOG-1064 <https://jira.onap.org/browse/LOG-1064>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER: removed commons-beanutils : 1.9.3
  81    - `LOG-1116 <https://jira.onap.org/browse/LOG-1116>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER: removed commons-beanutils : 1.9.3
  82    - `LOG-1062 <https://jira.onap.org/browse/LOG-1062>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER: removed struts-core
  83    - `LOG-1121 <https://jira.onap.org/browse/LOG-1121>`_ Vulnerability issue: POMBA-CONTEXT-AGGREGATOR and POMBA-SDNC-CONTEXT-BUILDER: upgraded logback-classic to version 1.2.3
  84    - `LOG-830 <https://jira.onap.org/browse/LOG-830>`_ Vulnerability issue: Logging/POMBA CLM: fix/address/red-flag License org.json:json-20140107.jar
  85
  86 **Known Issues**
  87
  88    - `LOG-1017 <https://jira.onap.org/browse/LOG-1017>`_ Violations are thrown on attributes that are same (or missing)
  89    - `LOG-1016 <https://jira.onap.org/browse/LOG-1016>`_ When comparing attributes from multiple sources, violations thrown do not accurately show the issue.
  90    - `LOG-769 <https://jira.onap.org/browse/LOG-769>`_ POMBA aai ctx pod reports HD full - but DF shows HD is OK
  91    - `LOG-827 <https://jira.onap.org/browse/LOG-827>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER handlebars 2.0.0
  92    - `LOG-1118 <https://jira.onap.org/browse/LOG-1118>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER and POMBA-NETWORK-DISCOVERY-CONTEXT-BUILDER js-yaml
  93    - `LOG-1117 <https://jira.onap.org/browse/LOG-1117>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER and POMBA-NETWORK-DISCOVERY-CONTEXT-BUILDER uikit
  94    - `LOG-1160 <https://jira.onap.org/browse/LOG-1160>`_ Vulnerability issue: jackson-databind 2.9.9
  95    - `LOG-1016 <https://jira.onap.org/browse/LOG-1016>`_ When comparing attributes from multiple sources, violations thrown do not accurately show the issue.
  96    - `LOG-1017 <https://jira.onap.org/browse/LOG-1017>`_ Violations are thrown on attributes that are same (or missing)
  97    - `LOG-1051 <https://jira.onap.org/browse/LOG-1051>`_ pomba-data-router do not start due to wrong AAi configuration (with Dublin release of the data router but works with the Casablanca version)
  98    - `LOG-1084 <https://jira.onap.org/browse/LOG-1084>`_ Need authentication for pomba-kibana (node port = 30234)
  99    - `LOG-1085 <https://jira.onap.org/browse/LOG-1085>`_ Need authentication for logging-elasticsearch (node port = 30254)
 100    - `LOG-1086 <https://jira.onap.org/browse/LOG-1086>`_ Need authentication for logging-kibana (node port = 30253)
 101    - `LOG-1114 <https://jira.onap.org/browse/LOG-1114>`_ Need for "ReadWriteMany" access on storage when deploying on Kubernetes?
 102
 103 **Known Security Issues**
 104    - `OJSI-123 <https://jira.onap.org/browse/OJSI-123>`_ pomba-data-router exposes plain text HTTP endpoint using port 30249
 105    - `OJSI-115 <https://jira.onap.org/browse/OJSI-115>`_ pomba-kibana exposes plain text HTTP endpoint using port 30234
 106
 107 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/display/DW/El+Alto+Vulnerabilities>`_.
 108
 109 Quick Links:
 110    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 111
 112 **Upgrade Notes**
 113       None
 114
 115 **Deprecation Notes**
 116       None
 117
 118 **Other**
 119       None
 120
 121 Version: 5.0.0 El Alto Early Drop Release
 122 -----------------------------------------
 123 El Alto Early Drop
 124 ------------------
 125    - logging-analytics Version: 1.5.0
 126
 127 :Release Date: 2019-08-16
 128
 129 **New Features**
 130       None
 131
 132 **Bug Fixes**
 133    - `LOG-1066 <https://jira.onap.org/browse/LOG-1066>`_ Vulnerability issue: upgrade org.apache.tomcat.embed.tomcat-embed-core to 8.5.42
 134    - `LOG-1067 <https://jira.onap.org/browse/LOG-1067>`_ Vulnerability issue: confirm rather or not commons-codec is needed for logging projects
 135
 136 **Known Issues**
 137
 138 **Security Notes**
 139
 140 LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/display/DW/El+Alto+Vulnerabilities>`_.
 141
 142 Quick Links:
 143         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 144
 145         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 146
 147         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=68541351>`_
 148
 149 **Upgrade Notes**
 150       None
 151
 152 **Deprecation Notes**
 153       None
 154
 155 **Other**
 156       None
 157
 158
 159 POMBA Release Notes
 160 -------------------
 161 POMBA is sub-project of the Logging Enhancements Project.
 162
 163 El Alto Early Drop
 164 ------------------
 165    - pomba-audit-common Version: 1.5.0
 166    - pomba-aai-context-builder Version: 1.5.0
 167    - pomba-context-aggregator Version: 1.5.0
 168    - pomba-network-discovery-context-builder Version: 1.5.0
 169    - pomba-sdc-context-builder Version: 1.5.0
 170    - pomba-sdnc-context-builder Version: 1.5.0
 171
 172 :Release Date:  2019-08-16
 173
 174 **New Features**
 175    - None
 176
 177 **Bug Fixes**
 178    - `LOG-1066 <https://jira.onap.org/browse/LOG-1066>`_ Vulnerability issue: upgrade org.apache.tomcat.embed.tomcat-embed-core to 8.5.42
 179    - `LOG-1067 <https://jira.onap.org/browse/LOG-1067>`_ Vulnerability issue: confirm rather or not commons-codec is needed for logging projects
 180
 181 **Known Issues**
 182
 183    - `LOG-1017 <https://jira.onap.org/browse/LOG-1017>`_ Violations are thrown on attributes that are same (or missing)
 184    - `LOG-1016 <https://jira.onap.org/browse/LOG-1016>`_ When comparing attributes from multiple sources, violations thrown do not accurately show the issue.
 185    - `LOG-836 <https://jira.onap.org/browse/LOG-836>`_ Logging/POMBA CLM: fix/address/red-flag glassfish bean-validator-2.4.0-b34.jar SEC
 186    - `LOG-874 <https://jira.onap.org/browse/LOG-874>`_ Logging CLM: fix/address/red-flag License org.json:json-20140107.jar
 187    - `LOG-832 <https://jira.onap.org/browse/LOG-832>`_ Logging/POMBA CLM: fix/address/red-flag SEC jackson-databind-2.4.5.jar - auditcommon - even 2.9.7 is still red
 188    - `LOG-831 <https://jira.onap.org/browse/LOG-831>`_ Logging/POMBA CLM: fix/address/red-flag License javax.jms:jms-1.1.jar
 189    - `LOG-769 <https://jira.onap.org/browse/LOG-769>`_ POMBA aai ctx pod reports HD full - but DF shows HD is OK
 190    - `LOG-826 <https://jira.onap.org/browse/LOG-826>`_ Logging/POMBA CLM: fix/address/red-flag jackson-databind-2.8.11.3 SEC
 191    - `LOG-1060 <https://jira.onap.org/browse/LOG-1060>`_ Logging CLM: fix/address/red-flag jackson-databind-2.8.6 SEC
 192    - `LOG-1061 <https://jira.onap.org/browse/LOG-1061>`_ POMBA-AUDIT-COMMON CLM: fix/address/red-flag jackson-databind-2.4.5 SEC
 193    - `LOG-1063 <https://jira.onap.org/browse/LOG-1063>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag plexus-utils : 3.0.22 SEC
 194    - `LOG-1064 <https://jira.onap.org/browse/LOG-1064>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag commons-beanutils : 1.9.3 SEC
 195    - `LOG-1062 <https://jira.onap.org/browse/LOG-1062>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag struts-core : 1.3.8-2.4.5 SEC
 196    - `LOG-827 <https://jira.onap.org/browse/LOG-827>`_ Logging/POMBA CLM: fix/address/red-flag handlebars-2.0.0.js SEC - upgrade to 4.0.0+
 197    - `LOG-830 <https://jira.onap.org/browse/LOG-830>`_ Logging/POMBA CLM: fix/address/red-flag License org.json:json-20140107.jar
 198
 199 **Security Notes**
 200    - all nodeports for Kibana, context builders and data-router are open by default for now
 201
 202 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/display/DW/El+Alto+Vulnerabilities>`_.
 203
 204 Quick Links:
 205    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 206
 207 **Upgrade Notes**
 208       None
 209
 210 **Deprecation Notes**
 211       None
 212
 213 **Other**
 214       None
 215
 216 Version: 4.0.0 Dublin Release
 217 -----------------------------
 218 Dublin
 219 ------
 220    - logging-analytics Version: 1.2.6
 221
 222 :Release Date: 2019-06-18
 223
 224 **New Features**
 225
 226 **Bug Fixes**
 227
 228 **Known Issues**
 229
 230 **Security Notes**
 231    - LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=64008625>`_.
 232
 233 Quick Links:
 234         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 235
 236         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 237
 238         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=51282493>`_
 239
 240 **Upgrade Notes**
 241       None
 242
 243 **Deprecation Notes**
 244       None
 245
 246 **Other**
 247       None
 248
 249
 250 POMBA Release Notes
 251 -------------------
 252 POMBA is sub-project of the Logging Enhancements Project.
 253
 254 Dublin
 255 ------
 256    - pomba-audit-common Version: 1.4.0
 257    - pomba-aai-context-builder Version: 1.4.0
 258    - pomba-context-aggregator Version: 1.4.0
 259    - pomba-network-discovery-context-builder Version: 1.4.0
 260    - pomba-sdc-context-builder Version: 1.4.0
 261    - pomba-sdnc-context-builder Version: 1.4.0
 262
 263 :Release Date:  2019-06-18
 264
 265 **New Features**
 266    - Version 2 of the audit common model
 267    - Initial release of SDNC context builder
 268
 269 **Bug Fixes**
 270
 271
 272 **Known Issues**
 273
 274    - `LOG-1017 <https://jira.onap.org/browse/LOG-1017>`_ Violations are thrown on attributes that are same (or missing)
 275    - `LOG-1016 <https://jira.onap.org/browse/LOG-1016>`_ When comparing attributes from multiple sources, violations thrown do not accurately show the issue.
 276    - `LOG-836 <https://jira.onap.org/browse/LOG-836>`_ Logging/POMBA CLM: fix/address/red-flag glassfish bean-validator-2.4.0-b34.jar SEC
 277    - `LOG-874 <https://jira.onap.org/browse/LOG-874>`_ Logging CLM: fix/address/red-flag License org.json:json-20140107.jar
 278    - `LOG-832 <https://jira.onap.org/browse/LOG-832>`_ Logging/POMBA CLM: fix/address/red-flag SEC jackson-databind-2.4.5.jar - auditcommon - even 2.9.7 is still red
 279    - `LOG-831 <https://jira.onap.org/browse/LOG-831>`_ Logging/POMBA CLM: fix/address/red-flag License javax.jms:jms-1.1.jar
 280    - `LOG-769 <https://jira.onap.org/browse/LOG-769>`_ POMBA aai ctx pod reports HD full - but DF shows HD is OK
 281    - `LOG-826 <https://jira.onap.org/browse/LOG-826>`_ Logging/POMBA CLM: fix/address/red-flag jackson-databind-2.8.11.3 SEC
 282    - `LOG-1060 <https://jira.onap.org/browse/LOG-1060>`_ Logging CLM: fix/address/red-flag jackson-databind-2.8.6 SEC
 283    - `LOG-1061 <https://jira.onap.org/browse/LOG-1061>`_ POMBA-AUDIT-COMMON CLM: fix/address/red-flag jackson-databind-2.4.5 SEC
 284    - `LOG-1063 <https://jira.onap.org/browse/LOG-1063>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag plexus-utils : 3.0.22 SEC
 285    - `LOG-1064 <https://jira.onap.org/browse/LOG-1064>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag commons-beanutils : 1.9.3 SEC
 286    - `LOG-1062 <https://jira.onap.org/browse/LOG-1062>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag struts-core : 1.3.8-2.4.5 SEC
 287    - `LOG-827 <https://jira.onap.org/browse/LOG-827>`_ Logging/POMBA CLM: fix/address/red-flag handlebars-2.0.0.js SEC - upgrade to 4.0.0+
 288    - `LOG-830 <https://jira.onap.org/browse/LOG-830>`_ Logging/POMBA CLM: fix/address/red-flag License org.json:json-20140107.jar
 289
 290 **Security Notes**
 291    - all nodeports for Kibana, context builders and data-router are open by default for now
 292
 293 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=64008625>`_.
 294
 295 Quick Links:
 296    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 297
 298 **Upgrade Notes**
 299       None
 300
 301 **Deprecation Notes**
 302       None
 303
 304 **Other**
 305       None
 306
 307 Version: 3.0.1 Casablanca Release
 308 ---------------------------------
 309 Casablanca
 310 -----------
 311    - logging-analytics Version: 1.2.6
 312
 313 :Release Date: 2019-02-08
 314
 315 **New Features**
 316    - kubernetes installation upped to 1.11.5 in the Rancher 1.6.25 RI
 317    - NFS support for AWS EFS
 318
 319 **Bug Fixes**
 320    - `LOG-837 <https://jira.onap.org/browse/LOG-837>`_ Logging/POMBA CLM: fix/address/red-flag spring-mvc-5.1.2 pulls in spring-web-5.0.9
 321
 322 **Known Issues**
 323
 324    - `LOG-376 <https://jira.onap.org/browse/LOG-376>`_ Logstash load balancing is asymmetric wherever AAI is run
 325    - `LOG-895 <https://jira.onap.org/browse/LOG-895>`_ Upgrade Rancher to 1.6.25 to address CVE-2018-1002105 and move to Kubernetes 1.11.5 (server side)
 326
 327 **Security Notes**
 328
 329 LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=45307852>`_.
 330
 331 Quick Links:
 332         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 333
 334         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 335
 336         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=45307852>`_
 337
 338 **Upgrade Notes**
 339       None
 340
 341 **Deprecation Notes**
 342       None
 343
 344 **Other**
 345       None
 346
 347
 348 POMBA Release Notes
 349 -------------------
 350 POMBA is sub-project of the Logging Enhancements Project.
 351
 352 Casablanca
 353 ----------
 354    - pomba-audit-common Version: 1.3.2
 355    - pomba-aai-context-builder Version: 1.3.2
 356    - pomba-context-aggregator Version: 1.3.4
 357    - pomba-network-discovery-context-builder Version: 1.3.1
 358    - pomba-sdc-context-builder Version: 1.3.2
 359
 360 :Release Date:  2019-02-08
 361
 362 **New Features**
 363    - Version 1 of the audit common model
 364    - Initial release of context aggregator and 3 context builders
 365
 366 **Bug Fixes**
 367
 368    - `LOG-892 <https://jira.onap.org/browse/LOG-892`_ PORT - POMBA Network Discovery Context Builder does not log
 369
 370 **Known Issues**
 371
 372    - `LOG-913 <https://jira.onap.org/browse/LOG-913>`_ POMBA: 1 of 11 pods failing on sequenced startup on 3.0.0-ONAP - pomba is 22 on the order - looks timing related
 373    - `LOG-950 <https://jira.onap.org/browse/LOG-950>`_ LOG-950 upped the numbers from 10 to 30 – for intermittent deploy timing – this is an issue for several projects since 3.0.0-ONAP - the solution is a sequenced 5h deploy via `cd.sh <https://git.onap.org/logging-analytics/tree/deploy/cd.sh#n228>`_ and/or better vms for now until the `dependencies <https://wiki.onap.org/display/DW/Log+Streaming+Compliance+and+API#LogStreamingComplianceandAPI-DeploymentDependencyTree-Containerlevel>`_ and jobs are refactored into helm hooks
 374
 375 **Security Notes**
 376    - all three nodeports for kibana, context builder and data-router are open by default for now
 377
 378 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28378692>`_.
 379
 380 Quick Links:
 381    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 382
 383 **Upgrade Notes**
 384       None
 385
 386 **Deprecation Notes**
 387       None
 388
 389 **Other**
 390       None
 391
 392
 393 Version: 1.2.2 Casablanca
 394 -------------------------
 395
 396 :Release Date: 2018-11-30
 397
 398 **New Features**
 399    - Demo slf4j library with marker/mdc support along with kubernetes, docker, war support projects.
 400
 401 **Bug Fixes**
 402
 403
 404 **Known Issues**
 405    - `Logstash load balancing is asymmetric wherever AAI is run <https://jira.onap.org/browse/LOG-376>`_
 406
 407 **Security Notes**
 408
 409 LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=45307852>`_.
 410
 411 Quick Links:
 412         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 413
 414         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 415
 416         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=45307852>`_
 417
 418 **Upgrade Notes**
 419       None
 420
 421 **Deprecation Notes**
 422       None
 423
 424 **Other**
 425       None
 426
 427
 428 POMBA Release Notes
 429 -------------------
 430 POMBA is sub-project of the Logging Enhancements Project.
 431
 432 Casablanca
 433 ----------
 434    - pomba-audit-common Version: 1.3.1
 435    - pomba-aai-context-builder Version: 1.3.1
 436    - pomba-context-aggregator Version: 1.3.3
 437    - pomba-network-discovery-context-builder Version: 1.3.0
 438    - pomba-sdc-context-builder Version: 1.3.1
 439
 440
 441 --------------
 442
 443 :Release Date: 2018-11-15
 444
 445 **New Features**
 446    - Version 1 of the audit common model
 447    - Initial release of context aggregator and 3 context builders
 448
 449 **Bug Fixes**
 450
 451
 452 **Known Issues**
 453
 454
 455 **Security Notes**
 456    - all three nodeports for kibana, context builder and data-router are open by default for now
 457
 458 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28378692>`_.
 459
 460 Quick Links:
 461    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 462
 463 **Upgrade Notes**
 464       None
 465
 466 **Deprecation Notes**
 467       None
 468
 469 **Other**
 470       None
 471
 472 Version: Beijing
 473 ----------------
 474
 475 :Release Date: 2018-06-07
 476
 477 **New Features**
 478    - Logstash is a daemonset (clustered at 1 container per VM)
 479    - `The following applications send logs to the ELK stack - <https://jira.onap.org/browse/LOG-230>`_
 480
 481 **Bug Fixes**
 482
 483
 484 **Known Issues**
 485    - Logstash load balancing is asymmetric
 486
 487 **Security Notes**
 488    - all three nodeports for logstash, elasticsearch and kibana are open by default for now
 489
 490 LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28378692>`_.
 491
 492 Quick Links:
 493         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 494
 495         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 496
 497         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=28378692>`_
 498
 499 **Upgrade Notes**
 500       None
 501
 502 **Deprecation Notes**
 503       None
 504
 505 **Other**
 506       Note: there was no released artifacts under 1.2.2 for Beijing - release was pushed to Casablanca
 507
 508
 509
 510 Version: 1.0.0
 511 --------------
 512
 513 :Release Date: 2017-11-16
 514
 515 **New Features**
 516
 517 This release adds Elastic Stack analytics deployment to OOM, aligns logging provider configurations, and fixes issues with the propagation of transaction IDs and other contextual information.
 518
 519     - `LOG-1 <https://jira.onap.org/browse/LOG-1>`_ Transaction ID propagation.
 520     - `LOG-2 <https://jira.onap.org/browse/LOG-2>`_ Standardized logging provider configuration.
 521     - `LOG-3 <https://jira.onap.org/browse/LOG-3>`_ Elastic Stack reference analytics pipeline.
 522     - `LOG-4 <https://jira.onap.org/browse/LOG-4>`_ Transaction ID conventions.
 523
 524 **Bug Fixes**
 525
 526     - `LOG-64 <https://jira.onap.org/browse/LOG-64>`_ Logger field has a length restriction of 36 which needs a fix.
 527     - `LOG-74 <https://jira.onap.org/browse/LOG-74>`_ Extract componentName from the source path of log files.
 528
 529 **Known Issues**
 530
 531     - `LOG-43 <https://jira.onap.org/browse/LOG-43>`_
 532       Unable to find logback xml for DMaaP component.
 533       Logging file for DMaaP is available in this jar "eelf-core-0.0.1.jar".
 534
 535     - `LOG-65 <https://jira.onap.org/browse/LOG-65>`_
 536       SO Logging Provider Config File need correction in Timestamp MDC.
 537       Logging provider configuration file for SO i.e. logback files requires correction in Timestamp MDC for correct MDC generation in log.
 538       The current pattern prints Timestamp as 2017-09-25 05:30:07,832. Expected  pattern is - 2017-09-25T05:30:07.832Z.
 539
 540     - `LOG-80 <https://jira.onap.org/browse/LOG-80>`_ Kibana does not seem to show all the logs from application pods.
 541       The content of the log directories (/var/log/onap/mso) are not 100% reflected in Kibana.
 542
 543     - `LOG-88 <https://jira.onap.org/browse/LOG-88>`_
 544       SO log format error during Health Check - blocking tracking jira for SO-246.
 545
 546 **Security Issues**
 547       None
 548
 549 **Upgrade Notes**
 550       None
 551
 552 **Deprecation Notes**
 553       None
 554
 555 **Other**
 556       None
 557
 558 ===========
 559
 560 End of Release Notes