docs/release-notes.rst

   1 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
   2 .. http://creativecommons.org/licenses/by/4.0
   3 .. Copyright 2017 Bell Canada & Amdocs Intellectual Property.  All rights reserved.
   4
   5 .. Links
   6 .. _release-notes-label:
   7
   8 Log Enhancements Release Notes
   9 ==============================
  10 Version: 5.0.1 El Alto Release
  11 ------------------------------
  12 El Alto
  13 -------
  14    - logging-analytics Version: 1.5.1
  15
  16 :Release Date: 2019-10-04
  17
  18 **New Features**
  19       None
  20
  21 **Bug Fixes**
  22    - `LOG-826 <https://jira.onap.org/browse/LOG-826>`_ Vulnerability issue: removed jackson-databind
  23    - `LOG-1060 <https://jira.onap.org/browse/LOG-1060>`_ Vulnerability issue: Logging CLM: fix/address/red-flag jackson-databind-2.8.6 SEC
  24    - `LOG-836 <https://jira.onap.org/browse/LOG-836>`_ Vulnerability issue: glassfish bean-validator-2.4.0-b34.jar SEC
  25    - `LOG-874 <https://jira.onap.org/browse/LOG-874>`_ Vulnerability issue: fix/address/red-flag License org.json:json-20140107.jar
  26
  27 **Known Issues**
  28    - `LOG-1159 <https://jira.onap.org/browse/LOG-1159>`_ Vulnerability issue: logging-analytics version 5.0.9.RELEASE
  29
  30 **Known Security Issues**
  31
  32   - `OJSI-200 <https://jira.onap.org/browse/OJSI-200>`_ Logging exposes unprotected APIs/UIs (CVE-2019-12125)
  33   - `OJSI-155 <https://jira.onap.org/browse/OJSI-155>`_ LOG demo target exposes plain text HTTP endpoint using port 30398
  34   - `OJSI-125 <https://jira.onap.org/browse/OJSI-125>`_ log-es exposes plain text HTTP endpoint using port 30254
  35   - `OJSI-124 <https://jira.onap.org/browse/OJSI-124>`_ log-kibana exposes plain text HTTP endpoint using port 30253
  36
  37 Quick Links:
  38         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
  39
  40         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
  41
  42         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=68541351>`_
  43
  44 **Upgrade Notes**
  45       None
  46
  47 **Deprecation Notes**
  48       None
  49
  50 **Other**
  51       None
  52
  53
  54 POMBA Release Notes
  55 -------------------
  56 POMBA is sub-project of the Logging Enhancements Project.
  57
  58 El Alto
  59 -------
  60    - pomba-audit-common Version: 1.5.1
  61    - pomba-aai-context-builder Version: 1.5.1
  62    - pomba-context-aggregator Version: 1.5.1
  63    - pomba-network-discovery-context-builder Version: 1.5.1
  64    - pomba-sdc-context-builder Version: 1.5.1
  65    - pomba-sdnc-context-builder Version: 1.5.1
  66
  67 :Release Date:  2019-10-04
  68
  69 **New Features**
  70    - None
  71
  72 **Bug Fixes**
  73    - `LOG-826 <https://jira.onap.org/browse/LOG-826>`_ Vulnerability issue: upgraded jackson-databind to version 2.9.9
  74    - `LOG-1067 <https://jira.onap.org/browse/LOG-1067>`_ Vulnerability issue: confirm rather or not commons-codec is needed for logging projects
  75    - `LOG-832 <https://jira.onap.org/browse/LOG-832>`_ Vulnerability issue:  removed jackson-databind-2.4.5.jar from pomba-audit-common
  76    - `LOG-831 <https://jira.onap.org/browse/LOG-831>`_ Vulnerability issue:  pomba-context-aggregator with javax.jms:jms-1.1.jar
  77    - `LOG-1061 <https://jira.onap.org/browse/LOG-1061>`_ Vulnerability issue: POMBA-AUDIT-COMMON fix/address/red-flag jackson-databind-2.4.5
  78    - `LOG-1063 <https://jira.onap.org/browse/LOG-1063>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER: upgraded plexus-utils to version 3.1.0
  79    - `LOG-1064 <https://jira.onap.org/browse/LOG-1064>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER: removed commons-beanutils : 1.9.3
  80    - `LOG-1116 <https://jira.onap.org/browse/LOG-1116>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER: removed commons-beanutils : 1.9.3
  81    - `LOG-1062 <https://jira.onap.org/browse/LOG-1062>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER: removed struts-core
  82    - `LOG-1121 <https://jira.onap.org/browse/LOG-1121>`_ Vulnerability issue: POMBA-CONTEXT-AGGREGATOR and POMBA-SDNC-CONTEXT-BUILDER: upgraded logback-classic to version 1.2.3
  83    - `LOG-830 <https://jira.onap.org/browse/LOG-830>`_ Vulnerability issue: Logging/POMBA CLM: fix/address/red-flag License org.json:json-20140107.jar
  84
  85 **Known Issues**
  86
  87    - `LOG-1017 <https://jira.onap.org/browse/LOG-1017>`_ Violations are thrown on attributes that are same (or missing)
  88    - `LOG-1016 <https://jira.onap.org/browse/LOG-1016>`_ When comparing attributes from multiple sources, violations thrown do not accurately show the issue.
  89    - `LOG-769 <https://jira.onap.org/browse/LOG-769>`_ POMBA aai ctx pod reports HD full - but DF shows HD is OK
  90    - `LOG-827 <https://jira.onap.org/browse/LOG-827>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER handlebars 2.0.0
  91    - `LOG-1118 <https://jira.onap.org/browse/LOG-1118>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER and POMBA-NETWORK-DISCOVERY-CONTEXT-BUILDER js-yaml
  92    - `LOG-1117 <https://jira.onap.org/browse/LOG-1117>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER and POMBA-NETWORK-DISCOVERY-CONTEXT-BUILDER uikit
  93    - `LOG-1160 <https://jira.onap.org/browse/LOG-1160>`_ Vulnerability issue: jackson-databind 2.9.9
  94
  95 **Known Security Issues**
  96    - `OJSI-123 <https://jira.onap.org/browse/OJSI-123>`_ pomba-data-router exposes plain text HTTP endpoint using port 30249
  97    - `OJSI-115 <https://jira.onap.org/browse/OJSI-115>`_ pomba-kibana exposes plain text HTTP endpoint using port 30234
  98
  99 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/display/DW/El+Alto+Vulnerabilities>`_.
 100
 101 Quick Links:
 102    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 103
 104 **Upgrade Notes**
 105       None
 106
 107 **Deprecation Notes**
 108       None
 109
 110 **Other**
 111       None
 112
 113 Version: 5.0.0 El Alto Early Drop Release
 114 -----------------------------------------
 115 El Alto Early Drop
 116 ------------------
 117    - logging-analytics Version: 1.5.0
 118
 119 :Release Date: 2019-08-16
 120
 121 **New Features**
 122       None
 123
 124 **Bug Fixes**
 125    - `LOG-1066 <https://jira.onap.org/browse/LOG-1066>`_ Vulnerability issue: upgrade org.apache.tomcat.embed.tomcat-embed-core to 8.5.42
 126    - `LOG-1067 <https://jira.onap.org/browse/LOG-1067>`_ Vulnerability issue: confirm rather or not commons-codec is needed for logging projects
 127
 128 **Known Issues**
 129
 130 **Security Notes**
 131
 132 LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/display/DW/El+Alto+Vulnerabilities>`_.
 133
 134 Quick Links:
 135         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 136
 137         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 138
 139         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=68541351>`_
 140
 141 **Upgrade Notes**
 142       None
 143
 144 **Deprecation Notes**
 145       None
 146
 147 **Other**
 148       None
 149
 150
 151 POMBA Release Notes
 152 -------------------
 153 POMBA is sub-project of the Logging Enhancements Project.
 154
 155 El Alto Early Drop
 156 ------------------
 157    - pomba-audit-common Version: 1.5.0
 158    - pomba-aai-context-builder Version: 1.5.0
 159    - pomba-context-aggregator Version: 1.5.0
 160    - pomba-network-discovery-context-builder Version: 1.5.0
 161    - pomba-sdc-context-builder Version: 1.5.0
 162    - pomba-sdnc-context-builder Version: 1.5.0
 163
 164 :Release Date:  2019-08-16
 165
 166 **New Features**
 167    - None
 168
 169 **Bug Fixes**
 170    - `LOG-1066 <https://jira.onap.org/browse/LOG-1066>`_ Vulnerability issue: upgrade org.apache.tomcat.embed.tomcat-embed-core to 8.5.42
 171    - `LOG-1067 <https://jira.onap.org/browse/LOG-1067>`_ Vulnerability issue: confirm rather or not commons-codec is needed for logging projects
 172
 173 **Known Issues**
 174
 175    - `LOG-1017 <https://jira.onap.org/browse/LOG-1017>`_ Violations are thrown on attributes that are same (or missing)
 176    - `LOG-1016 <https://jira.onap.org/browse/LOG-1016>`_ When comparing attributes from multiple sources, violations thrown do not accurately show the issue.
 177    - `LOG-836 <https://jira.onap.org/browse/LOG-836>`_ Logging/POMBA CLM: fix/address/red-flag glassfish bean-validator-2.4.0-b34.jar SEC
 178    - `LOG-874 <https://jira.onap.org/browse/LOG-874>`_ Logging CLM: fix/address/red-flag License org.json:json-20140107.jar
 179    - `LOG-832 <https://jira.onap.org/browse/LOG-832>`_ Logging/POMBA CLM: fix/address/red-flag SEC jackson-databind-2.4.5.jar - auditcommon - even 2.9.7 is still red
 180    - `LOG-831 <https://jira.onap.org/browse/LOG-831>`_ Logging/POMBA CLM: fix/address/red-flag License javax.jms:jms-1.1.jar
 181    - `LOG-769 <https://jira.onap.org/browse/LOG-769>`_ POMBA aai ctx pod reports HD full - but DF shows HD is OK
 182    - `LOG-826 <https://jira.onap.org/browse/LOG-826>`_ Logging/POMBA CLM: fix/address/red-flag jackson-databind-2.8.11.3 SEC
 183    - `LOG-1060 <https://jira.onap.org/browse/LOG-1060>`_ Logging CLM: fix/address/red-flag jackson-databind-2.8.6 SEC
 184    - `LOG-1061 <https://jira.onap.org/browse/LOG-1061>`_ POMBA-AUDIT-COMMON CLM: fix/address/red-flag jackson-databind-2.4.5 SEC
 185    - `LOG-1063 <https://jira.onap.org/browse/LOG-1063>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag plexus-utils : 3.0.22 SEC
 186    - `LOG-1064 <https://jira.onap.org/browse/LOG-1064>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag commons-beanutils : 1.9.3 SEC
 187    - `LOG-1062 <https://jira.onap.org/browse/LOG-1062>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag struts-core : 1.3.8-2.4.5 SEC
 188    - `LOG-827 <https://jira.onap.org/browse/LOG-827>`_ Logging/POMBA CLM: fix/address/red-flag handlebars-2.0.0.js SEC - upgrade to 4.0.0+
 189    - `LOG-830 <https://jira.onap.org/browse/LOG-830>`_ Logging/POMBA CLM: fix/address/red-flag License org.json:json-20140107.jar
 190
 191 **Security Notes**
 192    - all nodeports for Kibana, context builders and data-router are open by default for now
 193
 194 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/display/DW/El+Alto+Vulnerabilities>`_.
 195
 196 Quick Links:
 197    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 198
 199 **Upgrade Notes**
 200       None
 201
 202 **Deprecation Notes**
 203       None
 204
 205 **Other**
 206       None
 207
 208 Version: 4.0.0 Dublin Release
 209 -----------------------------
 210 Dublin
 211 ------
 212    - logging-analytics Version: 1.2.6
 213
 214 :Release Date: 2019-06-18
 215
 216 **New Features**
 217
 218 **Bug Fixes**
 219
 220 **Known Issues**
 221
 222 **Security Notes**
 223    - LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=64008625>`_.
 224
 225 Quick Links:
 226         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 227
 228         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 229
 230         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=51282493>`_
 231
 232 **Upgrade Notes**
 233       None
 234
 235 **Deprecation Notes**
 236       None
 237
 238 **Other**
 239       None
 240
 241
 242 POMBA Release Notes
 243 -------------------
 244 POMBA is sub-project of the Logging Enhancements Project.
 245
 246 Dublin
 247 ------
 248    - pomba-audit-common Version: 1.4.0
 249    - pomba-aai-context-builder Version: 1.4.0
 250    - pomba-context-aggregator Version: 1.4.0
 251    - pomba-network-discovery-context-builder Version: 1.4.0
 252    - pomba-sdc-context-builder Version: 1.4.0
 253    - pomba-sdnc-context-builder Version: 1.4.0
 254
 255 :Release Date:  2019-06-18
 256
 257 **New Features**
 258    - Version 2 of the audit common model
 259    - Initial release of SDNC context builder
 260
 261 **Bug Fixes**
 262
 263
 264 **Known Issues**
 265
 266    - `LOG-1017 <https://jira.onap.org/browse/LOG-1017>`_ Violations are thrown on attributes that are same (or missing)
 267    - `LOG-1016 <https://jira.onap.org/browse/LOG-1016>`_ When comparing attributes from multiple sources, violations thrown do not accurately show the issue.
 268    - `LOG-836 <https://jira.onap.org/browse/LOG-836>`_ Logging/POMBA CLM: fix/address/red-flag glassfish bean-validator-2.4.0-b34.jar SEC
 269    - `LOG-874 <https://jira.onap.org/browse/LOG-874>`_ Logging CLM: fix/address/red-flag License org.json:json-20140107.jar
 270    - `LOG-832 <https://jira.onap.org/browse/LOG-832>`_ Logging/POMBA CLM: fix/address/red-flag SEC jackson-databind-2.4.5.jar - auditcommon - even 2.9.7 is still red
 271    - `LOG-831 <https://jira.onap.org/browse/LOG-831>`_ Logging/POMBA CLM: fix/address/red-flag License javax.jms:jms-1.1.jar
 272    - `LOG-769 <https://jira.onap.org/browse/LOG-769>`_ POMBA aai ctx pod reports HD full - but DF shows HD is OK
 273    - `LOG-826 <https://jira.onap.org/browse/LOG-826>`_ Logging/POMBA CLM: fix/address/red-flag jackson-databind-2.8.11.3 SEC
 274    - `LOG-1060 <https://jira.onap.org/browse/LOG-1060>`_ Logging CLM: fix/address/red-flag jackson-databind-2.8.6 SEC
 275    - `LOG-1061 <https://jira.onap.org/browse/LOG-1061>`_ POMBA-AUDIT-COMMON CLM: fix/address/red-flag jackson-databind-2.4.5 SEC
 276    - `LOG-1063 <https://jira.onap.org/browse/LOG-1063>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag plexus-utils : 3.0.22 SEC
 277    - `LOG-1064 <https://jira.onap.org/browse/LOG-1064>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag commons-beanutils : 1.9.3 SEC
 278    - `LOG-1062 <https://jira.onap.org/browse/LOG-1062>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag struts-core : 1.3.8-2.4.5 SEC
 279    - `LOG-827 <https://jira.onap.org/browse/LOG-827>`_ Logging/POMBA CLM: fix/address/red-flag handlebars-2.0.0.js SEC - upgrade to 4.0.0+
 280    - `LOG-830 <https://jira.onap.org/browse/LOG-830>`_ Logging/POMBA CLM: fix/address/red-flag License org.json:json-20140107.jar
 281
 282 **Security Notes**
 283    - all nodeports for Kibana, context builders and data-router are open by default for now
 284
 285 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=64008625>`_.
 286
 287 Quick Links:
 288    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 289
 290 **Upgrade Notes**
 291       None
 292
 293 **Deprecation Notes**
 294       None
 295
 296 **Other**
 297       None
 298
 299 Version: 3.0.1 Casablanca Release
 300 ---------------------------------
 301 Casablanca
 302 -----------
 303    - logging-analytics Version: 1.2.6
 304
 305 :Release Date: 2019-02-08
 306
 307 **New Features**
 308    - kubernetes installation upped to 1.11.5 in the Rancher 1.6.25 RI
 309    - NFS support for AWS EFS
 310
 311 **Bug Fixes**
 312    - `LOG-837 <https://jira.onap.org/browse/LOG-837>`_ Logging/POMBA CLM: fix/address/red-flag spring-mvc-5.1.2 pulls in spring-web-5.0.9
 313
 314 **Known Issues**
 315
 316    - `LOG-376 <https://jira.onap.org/browse/LOG-376>`_ Logstash load balancing is asymmetric wherever AAI is run
 317    - `LOG-895 <https://jira.onap.org/browse/LOG-895>`_ Upgrade Rancher to 1.6.25 to address CVE-2018-1002105 and move to Kubernetes 1.11.5 (server side)
 318
 319 **Security Notes**
 320
 321 LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=45307852>`_.
 322
 323 Quick Links:
 324         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 325
 326         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 327
 328         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=45307852>`_
 329
 330 **Upgrade Notes**
 331       None
 332
 333 **Deprecation Notes**
 334       None
 335
 336 **Other**
 337       None
 338
 339
 340 POMBA Release Notes
 341 -------------------
 342 POMBA is sub-project of the Logging Enhancements Project.
 343
 344 Casablanca
 345 ----------
 346    - pomba-audit-common Version: 1.3.2
 347    - pomba-aai-context-builder Version: 1.3.2
 348    - pomba-context-aggregator Version: 1.3.4
 349    - pomba-network-discovery-context-builder Version: 1.3.1
 350    - pomba-sdc-context-builder Version: 1.3.2
 351
 352 :Release Date:  2019-02-08
 353
 354 **New Features**
 355    - Version 1 of the audit common model
 356    - Initial release of context aggregator and 3 context builders
 357
 358 **Bug Fixes**
 359
 360    - `LOG-892 <https://jira.onap.org/browse/LOG-892`_ PORT - POMBA Network Discovery Context Builder does not log
 361
 362 **Known Issues**
 363
 364    - `LOG-913 <https://jira.onap.org/browse/LOG-913>`_ POMBA: 1 of 11 pods failing on sequenced startup on 3.0.0-ONAP - pomba is 22 on the order - looks timing related
 365    - `LOG-950 <https://jira.onap.org/browse/LOG-950>`_ LOG-950 upped the numbers from 10 to 30 – for intermittent deploy timing – this is an issue for several projects since 3.0.0-ONAP - the solution is a sequenced 5h deploy via `cd.sh <https://git.onap.org/logging-analytics/tree/deploy/cd.sh#n228>`_ and/or better vms for now until the `dependencies <https://wiki.onap.org/display/DW/Log+Streaming+Compliance+and+API#LogStreamingComplianceandAPI-DeploymentDependencyTree-Containerlevel>`_ and jobs are refactored into helm hooks
 366
 367 **Security Notes**
 368    - all three nodeports for kibana, context builder and data-router are open by default for now
 369
 370 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28378692>`_.
 371
 372 Quick Links:
 373    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 374
 375 **Upgrade Notes**
 376       None
 377
 378 **Deprecation Notes**
 379       None
 380
 381 **Other**
 382       None
 383
 384
 385 Version: 1.2.2 Casablanca
 386 -------------------------
 387
 388 :Release Date: 2018-11-30
 389
 390 **New Features**
 391    - Demo slf4j library with marker/mdc support along with kubernetes, docker, war support projects.
 392
 393 **Bug Fixes**
 394
 395
 396 **Known Issues**
 397    - `Logstash load balancing is asymmetric wherever AAI is run <https://jira.onap.org/browse/LOG-376>`_
 398
 399 **Security Notes**
 400
 401 LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=45307852>`_.
 402
 403 Quick Links:
 404         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 405
 406         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 407
 408         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=45307852>`_
 409
 410 **Upgrade Notes**
 411       None
 412
 413 **Deprecation Notes**
 414       None
 415
 416 **Other**
 417       None
 418
 419
 420 POMBA Release Notes
 421 -------------------
 422 POMBA is sub-project of the Logging Enhancements Project.
 423
 424 Casablanca
 425 ----------
 426    - pomba-audit-common Version: 1.3.1
 427    - pomba-aai-context-builder Version: 1.3.1
 428    - pomba-context-aggregator Version: 1.3.3
 429    - pomba-network-discovery-context-builder Version: 1.3.0
 430    - pomba-sdc-context-builder Version: 1.3.1
 431
 432
 433 --------------
 434
 435 :Release Date: 2018-11-15
 436
 437 **New Features**
 438    - Version 1 of the audit common model
 439    - Initial release of context aggregator and 3 context builders
 440
 441 **Bug Fixes**
 442
 443
 444 **Known Issues**
 445
 446
 447 **Security Notes**
 448    - all three nodeports for kibana, context builder and data-router are open by default for now
 449
 450 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28378692>`_.
 451
 452 Quick Links:
 453    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 454
 455 **Upgrade Notes**
 456       None
 457
 458 **Deprecation Notes**
 459       None
 460
 461 **Other**
 462       None
 463
 464 Version: Beijing
 465 ----------------
 466
 467 :Release Date: 2018-06-07
 468
 469 **New Features**
 470    - Logstash is a daemonset (clustered at 1 container per VM)
 471    - `The following applications send logs to the ELK stack - <https://jira.onap.org/browse/LOG-230>`_
 472
 473 **Bug Fixes**
 474
 475
 476 **Known Issues**
 477    - Logstash load balancing is asymmetric
 478
 479 **Security Notes**
 480    - all three nodeports for logstash, elasticsearch and kibana are open by default for now
 481
 482 LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28378692>`_.
 483
 484 Quick Links:
 485         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 486
 487         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 488
 489         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=28378692>`_
 490
 491 **Upgrade Notes**
 492       None
 493
 494 **Deprecation Notes**
 495       None
 496
 497 **Other**
 498       Note: there was no released artifacts under 1.2.2 for Beijing - release was pushed to Casablanca
 499
 500
 501
 502 Version: 1.0.0
 503 --------------
 504
 505 :Release Date: 2017-11-16
 506
 507 **New Features**
 508
 509 This release adds Elastic Stack analytics deployment to OOM, aligns logging provider configurations, and fixes issues with the propagation of transaction IDs and other contextual information.
 510
 511     - `LOG-1 <https://jira.onap.org/browse/LOG-1>`_ Transaction ID propagation.
 512     - `LOG-2 <https://jira.onap.org/browse/LOG-2>`_ Standardized logging provider configuration.
 513     - `LOG-3 <https://jira.onap.org/browse/LOG-3>`_ Elastic Stack reference analytics pipeline.
 514     - `LOG-4 <https://jira.onap.org/browse/LOG-4>`_ Transaction ID conventions.
 515
 516 **Bug Fixes**
 517
 518     - `LOG-64 <https://jira.onap.org/browse/LOG-64>`_ Logger field has a length restriction of 36 which needs a fix.
 519     - `LOG-74 <https://jira.onap.org/browse/LOG-74>`_ Extract componentName from the source path of log files.
 520
 521 **Known Issues**
 522
 523     - `LOG-43 <https://jira.onap.org/browse/LOG-43>`_
 524       Unable to find logback xml for DMaaP component.
 525       Logging file for DMaaP is available in this jar "eelf-core-0.0.1.jar".
 526
 527     - `LOG-65 <https://jira.onap.org/browse/LOG-65>`_
 528       SO Logging Provider Config File need correction in Timestamp MDC.
 529       Logging provider configuration file for SO i.e. logback files requires correction in Timestamp MDC for correct MDC generation in log.
 530       The current pattern prints Timestamp as 2017-09-25 05:30:07,832. Expected  pattern is - 2017-09-25T05:30:07.832Z.
 531
 532     - `LOG-80 <https://jira.onap.org/browse/LOG-80>`_ Kibana does not seem to show all the logs from application pods.
 533       The content of the log directories (/var/log/onap/mso) are not 100% reflected in Kibana.
 534
 535     - `LOG-88 <https://jira.onap.org/browse/LOG-88>`_
 536       SO log format error during Health Check - blocking tracking jira for SO-246.
 537
 538 **Security Issues**
 539       None
 540
 541 **Upgrade Notes**
 542       None
 543
 544 **Deprecation Notes**
 545       None
 546
 547 **Other**
 548       None
 549
 550 ===========
 551
 552 End of Release Notes