docs/release-notes.rst

   1 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
   2 .. http://creativecommons.org/licenses/by/4.0
   3 .. Copyright 2017 Bell Canada & Amdocs Intellectual Property.  All rights reserved.
   4 .. _release_notes:
   5
   6 .. Links
   7 .. _release-notes-label:
   8
   9 Log Enhancements Release Notes
  10 ==============================
  11 Version: 5.0.1 El Alto Release
  12 ------------------------------
  13 El Alto
  14 -------
  15    - logging-analytics Version: 1.5.1
  16
  17 :Release Date: 2019-10-04
  18
  19 **New Features**
  20       None
  21
  22 **Bug Fixes**
  23    - `LOG-826 <https://jira.onap.org/browse/LOG-826>`_ Vulnerability issue: removed jackson-databind
  24    - `LOG-1060 <https://jira.onap.org/browse/LOG-1060>`_ Vulnerability issue: Logging CLM: fix/address/red-flag jackson-databind-2.8.6 SEC
  25    - `LOG-836 <https://jira.onap.org/browse/LOG-836>`_ Vulnerability issue: glassfish bean-validator-2.4.0-b34.jar SEC
  26    - `LOG-874 <https://jira.onap.org/browse/LOG-874>`_ Vulnerability issue: fix/address/red-flag License org.json:json-20140107.jar
  27
  28 **Known Issues**
  29    - `LOG-1159 <https://jira.onap.org/browse/LOG-1159>`_ Vulnerability issue: logging-analytics version 5.0.9.RELEASE
  30
  31 **Known Security Issues**
  32
  33   - `OJSI-200 <https://jira.onap.org/browse/OJSI-200>`_ Logging exposes unprotected APIs/UIs (CVE-2019-12125)
  34   - `OJSI-155 <https://jira.onap.org/browse/OJSI-155>`_ LOG demo target exposes plain text HTTP endpoint using port 30398
  35   - `OJSI-125 <https://jira.onap.org/browse/OJSI-125>`_ log-es exposes plain text HTTP endpoint using port 30254
  36   - `OJSI-124 <https://jira.onap.org/browse/OJSI-124>`_ log-kibana exposes plain text HTTP endpoint using port 30253
  37   - `LOG-1114 <https://jira.onap.org/browse/LOG-1114>`_ Need for "ReadWriteMany" access on storage when deploying on Kubernetes?
  38
  39 Quick Links:
  40         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
  41
  42         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
  43
  44         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=68541351>`_
  45
  46 **Upgrade Notes**
  47       None
  48
  49 **Deprecation Notes**
  50       None
  51
  52 **Other**
  53       None
  54
  55
  56 POMBA Release Notes
  57 -------------------
  58 POMBA is sub-project of the Logging Enhancements Project.
  59
  60 El Alto
  61 -------
  62    - pomba-audit-common Version: 1.5.1
  63    - pomba-aai-context-builder Version: 1.5.1
  64    - pomba-context-aggregator Version: 1.5.1
  65    - pomba-network-discovery-context-builder Version: 1.5.1
  66    - pomba-sdc-context-builder Version: 1.5.1
  67    - pomba-sdnc-context-builder Version: 1.5.1
  68
  69 :Release Date:  2019-10-04
  70
  71 **New Features**
  72    - None
  73
  74 **Bug Fixes**
  75    - `LOG-826 <https://jira.onap.org/browse/LOG-826>`_ Vulnerability issue: upgraded jackson-databind to version 2.9.9
  76    - `LOG-1067 <https://jira.onap.org/browse/LOG-1067>`_ Vulnerability issue: confirm rather or not commons-codec is needed for logging projects
  77    - `LOG-832 <https://jira.onap.org/browse/LOG-832>`_ Vulnerability issue:  removed jackson-databind-2.4.5.jar from pomba-audit-common
  78    - `LOG-831 <https://jira.onap.org/browse/LOG-831>`_ Vulnerability issue:  pomba-context-aggregator with javax.jms:jms-1.1.jar
  79    - `LOG-1061 <https://jira.onap.org/browse/LOG-1061>`_ Vulnerability issue: POMBA-AUDIT-COMMON fix/address/red-flag jackson-databind-2.4.5
  80    - `LOG-1063 <https://jira.onap.org/browse/LOG-1063>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER: upgraded plexus-utils to version 3.1.0
  81    - `LOG-1064 <https://jira.onap.org/browse/LOG-1064>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER: removed commons-beanutils : 1.9.3
  82    - `LOG-1116 <https://jira.onap.org/browse/LOG-1116>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER: removed commons-beanutils : 1.9.3
  83    - `LOG-1062 <https://jira.onap.org/browse/LOG-1062>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER: removed struts-core
  84    - `LOG-1121 <https://jira.onap.org/browse/LOG-1121>`_ Vulnerability issue: POMBA-CONTEXT-AGGREGATOR and POMBA-SDNC-CONTEXT-BUILDER: upgraded logback-classic to version 1.2.3
  85    - `LOG-830 <https://jira.onap.org/browse/LOG-830>`_ Vulnerability issue: Logging/POMBA CLM: fix/address/red-flag License org.json:json-20140107.jar
  86
  87 **Known Issues**
  88
  89    - `LOG-1017 <https://jira.onap.org/browse/LOG-1017>`_ Violations are thrown on attributes that are same (or missing)
  90    - `LOG-1016 <https://jira.onap.org/browse/LOG-1016>`_ When comparing attributes from multiple sources, violations thrown do not accurately show the issue.
  91    - `LOG-769 <https://jira.onap.org/browse/LOG-769>`_ POMBA aai ctx pod reports HD full - but DF shows HD is OK
  92    - `LOG-827 <https://jira.onap.org/browse/LOG-827>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER handlebars 2.0.0
  93    - `LOG-1118 <https://jira.onap.org/browse/LOG-1118>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER and POMBA-NETWORK-DISCOVERY-CONTEXT-BUILDER js-yaml
  94    - `LOG-1117 <https://jira.onap.org/browse/LOG-1117>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER and POMBA-NETWORK-DISCOVERY-CONTEXT-BUILDER uikit
  95    - `LOG-1160 <https://jira.onap.org/browse/LOG-1160>`_ Vulnerability issue: jackson-databind 2.9.9
  96    - `LOG-1016 <https://jira.onap.org/browse/LOG-1016>`_ When comparing attributes from multiple sources, violations thrown do not accurately show the issue.
  97    - `LOG-1017 <https://jira.onap.org/browse/LOG-1017>`_ Violations are thrown on attributes that are same (or missing)
  98    - `LOG-1051 <https://jira.onap.org/browse/LOG-1051>`_ pomba-data-router do not start due to wrong AAi configuration (with Dublin release of the data router but works with the Casablanca version)
  99    - `LOG-1084 <https://jira.onap.org/browse/LOG-1084>`_ Need authentication for pomba-kibana (node port = 30234)
 100    - `LOG-1085 <https://jira.onap.org/browse/LOG-1085>`_ Need authentication for logging-elasticsearch (node port = 30254)
 101    - `LOG-1086 <https://jira.onap.org/browse/LOG-1086>`_ Need authentication for logging-kibana (node port = 30253)
 102    - `LOG-1114 <https://jira.onap.org/browse/LOG-1114>`_ Need for "ReadWriteMany" access on storage when deploying on Kubernetes?
 103
 104 **Known Security Issues**
 105    - `OJSI-123 <https://jira.onap.org/browse/OJSI-123>`_ pomba-data-router exposes plain text HTTP endpoint using port 30249
 106    - `OJSI-115 <https://jira.onap.org/browse/OJSI-115>`_ pomba-kibana exposes plain text HTTP endpoint using port 30234
 107
 108 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/display/DW/El+Alto+Vulnerabilities>`_.
 109
 110 Quick Links:
 111    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 112
 113 **Upgrade Notes**
 114       None
 115
 116 **Deprecation Notes**
 117       None
 118
 119 **Other**
 120       None
 121
 122 Version: 5.0.0 El Alto Early Drop Release
 123 -----------------------------------------
 124 El Alto Early Drop
 125 ------------------
 126    - logging-analytics Version: 1.5.0
 127
 128 :Release Date: 2019-08-16
 129
 130 **New Features**
 131       None
 132
 133 **Bug Fixes**
 134    - `LOG-1066 <https://jira.onap.org/browse/LOG-1066>`_ Vulnerability issue: upgrade org.apache.tomcat.embed.tomcat-embed-core to 8.5.42
 135    - `LOG-1067 <https://jira.onap.org/browse/LOG-1067>`_ Vulnerability issue: confirm rather or not commons-codec is needed for logging projects
 136
 137 **Known Issues**
 138
 139 **Security Notes**
 140
 141 LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/display/DW/El+Alto+Vulnerabilities>`_.
 142
 143 Quick Links:
 144         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 145
 146         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 147
 148         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=68541351>`_
 149
 150 **Upgrade Notes**
 151       None
 152
 153 **Deprecation Notes**
 154       None
 155
 156 **Other**
 157       None
 158
 159
 160 POMBA Release Notes
 161 -------------------
 162 POMBA is sub-project of the Logging Enhancements Project.
 163
 164 El Alto Early Drop
 165 ------------------
 166    - pomba-audit-common Version: 1.5.0
 167    - pomba-aai-context-builder Version: 1.5.0
 168    - pomba-context-aggregator Version: 1.5.0
 169    - pomba-network-discovery-context-builder Version: 1.5.0
 170    - pomba-sdc-context-builder Version: 1.5.0
 171    - pomba-sdnc-context-builder Version: 1.5.0
 172
 173 :Release Date:  2019-08-16
 174
 175 **New Features**
 176    - None
 177
 178 **Bug Fixes**
 179    - `LOG-1066 <https://jira.onap.org/browse/LOG-1066>`_ Vulnerability issue: upgrade org.apache.tomcat.embed.tomcat-embed-core to 8.5.42
 180    - `LOG-1067 <https://jira.onap.org/browse/LOG-1067>`_ Vulnerability issue: confirm rather or not commons-codec is needed for logging projects
 181
 182 **Known Issues**
 183
 184    - `LOG-1017 <https://jira.onap.org/browse/LOG-1017>`_ Violations are thrown on attributes that are same (or missing)
 185    - `LOG-1016 <https://jira.onap.org/browse/LOG-1016>`_ When comparing attributes from multiple sources, violations thrown do not accurately show the issue.
 186    - `LOG-836 <https://jira.onap.org/browse/LOG-836>`_ Logging/POMBA CLM: fix/address/red-flag glassfish bean-validator-2.4.0-b34.jar SEC
 187    - `LOG-874 <https://jira.onap.org/browse/LOG-874>`_ Logging CLM: fix/address/red-flag License org.json:json-20140107.jar
 188    - `LOG-832 <https://jira.onap.org/browse/LOG-832>`_ Logging/POMBA CLM: fix/address/red-flag SEC jackson-databind-2.4.5.jar - auditcommon - even 2.9.7 is still red
 189    - `LOG-831 <https://jira.onap.org/browse/LOG-831>`_ Logging/POMBA CLM: fix/address/red-flag License javax.jms:jms-1.1.jar
 190    - `LOG-769 <https://jira.onap.org/browse/LOG-769>`_ POMBA aai ctx pod reports HD full - but DF shows HD is OK
 191    - `LOG-826 <https://jira.onap.org/browse/LOG-826>`_ Logging/POMBA CLM: fix/address/red-flag jackson-databind-2.8.11.3 SEC
 192    - `LOG-1060 <https://jira.onap.org/browse/LOG-1060>`_ Logging CLM: fix/address/red-flag jackson-databind-2.8.6 SEC
 193    - `LOG-1061 <https://jira.onap.org/browse/LOG-1061>`_ POMBA-AUDIT-COMMON CLM: fix/address/red-flag jackson-databind-2.4.5 SEC
 194    - `LOG-1063 <https://jira.onap.org/browse/LOG-1063>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag plexus-utils : 3.0.22 SEC
 195    - `LOG-1064 <https://jira.onap.org/browse/LOG-1064>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag commons-beanutils : 1.9.3 SEC
 196    - `LOG-1062 <https://jira.onap.org/browse/LOG-1062>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag struts-core : 1.3.8-2.4.5 SEC
 197    - `LOG-827 <https://jira.onap.org/browse/LOG-827>`_ Logging/POMBA CLM: fix/address/red-flag handlebars-2.0.0.js SEC - upgrade to 4.0.0+
 198    - `LOG-830 <https://jira.onap.org/browse/LOG-830>`_ Logging/POMBA CLM: fix/address/red-flag License org.json:json-20140107.jar
 199
 200 **Security Notes**
 201    - all nodeports for Kibana, context builders and data-router are open by default for now
 202
 203 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/display/DW/El+Alto+Vulnerabilities>`_.
 204
 205 Quick Links:
 206    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 207
 208 **Upgrade Notes**
 209       None
 210
 211 **Deprecation Notes**
 212       None
 213
 214 **Other**
 215       None
 216
 217 Version: 4.0.0 Dublin Release
 218 -----------------------------
 219 Dublin
 220 ------
 221    - logging-analytics Version: 1.2.6
 222
 223 :Release Date: 2019-06-18
 224
 225 **New Features**
 226
 227 **Bug Fixes**
 228
 229 **Known Issues**
 230
 231 **Security Notes**
 232    - LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=64008625>`_.
 233
 234 Quick Links:
 235         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 236
 237         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 238
 239         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=51282493>`_
 240
 241 **Upgrade Notes**
 242       None
 243
 244 **Deprecation Notes**
 245       None
 246
 247 **Other**
 248       None
 249
 250
 251 POMBA Release Notes
 252 -------------------
 253 POMBA is sub-project of the Logging Enhancements Project.
 254
 255 Dublin
 256 ------
 257    - pomba-audit-common Version: 1.4.0
 258    - pomba-aai-context-builder Version: 1.4.0
 259    - pomba-context-aggregator Version: 1.4.0
 260    - pomba-network-discovery-context-builder Version: 1.4.0
 261    - pomba-sdc-context-builder Version: 1.4.0
 262    - pomba-sdnc-context-builder Version: 1.4.0
 263
 264 :Release Date:  2019-06-18
 265
 266 **New Features**
 267    - Version 2 of the audit common model
 268    - Initial release of SDNC context builder
 269
 270 **Bug Fixes**
 271
 272
 273 **Known Issues**
 274
 275    - `LOG-1017 <https://jira.onap.org/browse/LOG-1017>`_ Violations are thrown on attributes that are same (or missing)
 276    - `LOG-1016 <https://jira.onap.org/browse/LOG-1016>`_ When comparing attributes from multiple sources, violations thrown do not accurately show the issue.
 277    - `LOG-836 <https://jira.onap.org/browse/LOG-836>`_ Logging/POMBA CLM: fix/address/red-flag glassfish bean-validator-2.4.0-b34.jar SEC
 278    - `LOG-874 <https://jira.onap.org/browse/LOG-874>`_ Logging CLM: fix/address/red-flag License org.json:json-20140107.jar
 279    - `LOG-832 <https://jira.onap.org/browse/LOG-832>`_ Logging/POMBA CLM: fix/address/red-flag SEC jackson-databind-2.4.5.jar - auditcommon - even 2.9.7 is still red
 280    - `LOG-831 <https://jira.onap.org/browse/LOG-831>`_ Logging/POMBA CLM: fix/address/red-flag License javax.jms:jms-1.1.jar
 281    - `LOG-769 <https://jira.onap.org/browse/LOG-769>`_ POMBA aai ctx pod reports HD full - but DF shows HD is OK
 282    - `LOG-826 <https://jira.onap.org/browse/LOG-826>`_ Logging/POMBA CLM: fix/address/red-flag jackson-databind-2.8.11.3 SEC
 283    - `LOG-1060 <https://jira.onap.org/browse/LOG-1060>`_ Logging CLM: fix/address/red-flag jackson-databind-2.8.6 SEC
 284    - `LOG-1061 <https://jira.onap.org/browse/LOG-1061>`_ POMBA-AUDIT-COMMON CLM: fix/address/red-flag jackson-databind-2.4.5 SEC
 285    - `LOG-1063 <https://jira.onap.org/browse/LOG-1063>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag plexus-utils : 3.0.22 SEC
 286    - `LOG-1064 <https://jira.onap.org/browse/LOG-1064>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag commons-beanutils : 1.9.3 SEC
 287    - `LOG-1062 <https://jira.onap.org/browse/LOG-1062>`_ POMBA-SDNC-CONTEXT-BUILDER CLM: fix/address/red-flag struts-core : 1.3.8-2.4.5 SEC
 288    - `LOG-827 <https://jira.onap.org/browse/LOG-827>`_ Logging/POMBA CLM: fix/address/red-flag handlebars-2.0.0.js SEC - upgrade to 4.0.0+
 289    - `LOG-830 <https://jira.onap.org/browse/LOG-830>`_ Logging/POMBA CLM: fix/address/red-flag License org.json:json-20140107.jar
 290
 291 **Security Notes**
 292    - all nodeports for Kibana, context builders and data-router are open by default for now
 293
 294 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=64008625>`_.
 295
 296 Quick Links:
 297    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 298
 299 **Upgrade Notes**
 300       None
 301
 302 **Deprecation Notes**
 303       None
 304
 305 **Other**
 306       None
 307
 308 Version: 3.0.1 Casablanca Release
 309 ---------------------------------
 310 Casablanca
 311 -----------
 312    - logging-analytics Version: 1.2.6
 313
 314 :Release Date: 2019-02-08
 315
 316 **New Features**
 317    - kubernetes installation upped to 1.11.5 in the Rancher 1.6.25 RI
 318    - NFS support for AWS EFS
 319
 320 **Bug Fixes**
 321    - `LOG-837 <https://jira.onap.org/browse/LOG-837>`_ Logging/POMBA CLM: fix/address/red-flag spring-mvc-5.1.2 pulls in spring-web-5.0.9
 322
 323 **Known Issues**
 324
 325    - `LOG-376 <https://jira.onap.org/browse/LOG-376>`_ Logstash load balancing is asymmetric wherever AAI is run
 326    - `LOG-895 <https://jira.onap.org/browse/LOG-895>`_ Upgrade Rancher to 1.6.25 to address CVE-2018-1002105 and move to Kubernetes 1.11.5 (server side)
 327
 328 **Security Notes**
 329
 330 LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=45307852>`_.
 331
 332 Quick Links:
 333         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 334
 335         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 336
 337         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=45307852>`_
 338
 339 **Upgrade Notes**
 340       None
 341
 342 **Deprecation Notes**
 343       None
 344
 345 **Other**
 346       None
 347
 348
 349 POMBA Release Notes
 350 -------------------
 351 POMBA is sub-project of the Logging Enhancements Project.
 352
 353 Casablanca
 354 ----------
 355    - pomba-audit-common Version: 1.3.2
 356    - pomba-aai-context-builder Version: 1.3.2
 357    - pomba-context-aggregator Version: 1.3.4
 358    - pomba-network-discovery-context-builder Version: 1.3.1
 359    - pomba-sdc-context-builder Version: 1.3.2
 360
 361 :Release Date:  2019-02-08
 362
 363 **New Features**
 364    - Version 1 of the audit common model
 365    - Initial release of context aggregator and 3 context builders
 366
 367 **Bug Fixes**
 368
 369    - `LOG-892 <https://jira.onap.org/browse/LOG-892`_ PORT - POMBA Network Discovery Context Builder does not log
 370
 371 **Known Issues**
 372
 373    - `LOG-913 <https://jira.onap.org/browse/LOG-913>`_ POMBA: 1 of 11 pods failing on sequenced startup on 3.0.0-ONAP - pomba is 22 on the order - looks timing related
 374    - `LOG-950 <https://jira.onap.org/browse/LOG-950>`_ LOG-950 upped the numbers from 10 to 30 - for intermittent deploy timing - this is an issue for several projects since 3.0.0-ONAP - the solution is a sequenced 5h deploy via `cd.sh <https://git.onap.org/logging-analytics/tree/deploy/cd.sh#n228>`_ and/or better vms for now until the `dependencies <https://wiki.onap.org/display/DW/Log+Streaming+Compliance+and+API#LogStreamingComplianceandAPI-DeploymentDependencyTree-Containerlevel>`_ and jobs are refactored into helm hooks
 375
 376 **Security Notes**
 377    - all three nodeports for kibana, context builder and data-router are open by default for now
 378
 379 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28378692>`_.
 380
 381 Quick Links:
 382    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 383
 384 **Upgrade Notes**
 385       None
 386
 387 **Deprecation Notes**
 388       None
 389
 390 **Other**
 391       None
 392
 393
 394 Version: 1.2.2 Casablanca
 395 -------------------------
 396
 397 :Release Date: 2018-11-30
 398
 399 **New Features**
 400    - Demo slf4j library with marker/mdc support along with kubernetes, docker, war support projects.
 401
 402 **Bug Fixes**
 403
 404
 405 **Known Issues**
 406    - `Logstash load balancing is asymmetric wherever AAI is run <https://jira.onap.org/browse/LOG-376>`_
 407
 408 **Security Notes**
 409
 410 LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=45307852>`_.
 411
 412 Quick Links:
 413         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 414
 415         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 416
 417         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=45307852>`_
 418
 419 **Upgrade Notes**
 420       None
 421
 422 **Deprecation Notes**
 423       None
 424
 425 **Other**
 426       None
 427
 428
 429 POMBA Release Notes
 430 -------------------
 431 POMBA is sub-project of the Logging Enhancements Project.
 432
 433 Casablanca
 434 ----------
 435    - pomba-audit-common Version: 1.3.1
 436    - pomba-aai-context-builder Version: 1.3.1
 437    - pomba-context-aggregator Version: 1.3.3
 438    - pomba-network-discovery-context-builder Version: 1.3.0
 439    - pomba-sdc-context-builder Version: 1.3.1
 440
 441
 442 --------------
 443
 444 :Release Date: 2018-11-15
 445
 446 **New Features**
 447    - Version 1 of the audit common model
 448    - Initial release of context aggregator and 3 context builders
 449
 450 **Bug Fixes**
 451
 452
 453 **Known Issues**
 454
 455
 456 **Security Notes**
 457    - all three nodeports for kibana, context builder and data-router are open by default for now
 458
 459 POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28378692>`_.
 460
 461 Quick Links:
 462    - `POMBA project page <https://wiki.onap.org/display/DW/POMBA>`_
 463
 464 **Upgrade Notes**
 465       None
 466
 467 **Deprecation Notes**
 468       None
 469
 470 **Other**
 471       None
 472
 473 Version: Beijing
 474 ----------------
 475
 476 :Release Date: 2018-06-07
 477
 478 **New Features**
 479    - Logstash is a daemonset (clustered at 1 container per VM)
 480    - `The following applications send logs to the ELK stack - <https://jira.onap.org/browse/LOG-230>`_
 481
 482 **Bug Fixes**
 483
 484
 485 **Known Issues**
 486    - Logstash load balancing is asymmetric
 487
 488 **Security Notes**
 489    - all three nodeports for logstash, elasticsearch and kibana are open by default for now
 490
 491 LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28378692>`_.
 492
 493 Quick Links:
 494         - `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
 495
 496         - `Passing Badge information for LOG <https://bestpractices.coreinfrastructure.org/en/projects/1578>`_
 497
 498         - `Project Vulnerability Review Table for LOG <https://wiki.onap.org/pages/viewpage.action?pageId=28378692>`_
 499
 500 **Upgrade Notes**
 501       None
 502
 503 **Deprecation Notes**
 504       None
 505
 506 **Other**
 507       Note: there was no released artifacts under 1.2.2 for Beijing - release was pushed to Casablanca
 508
 509
 510
 511 Version: 1.0.0
 512 --------------
 513
 514 :Release Date: 2017-11-16
 515
 516 **New Features**
 517
 518 This release adds Elastic Stack analytics deployment to OOM, aligns logging provider configurations, and fixes issues with the propagation of transaction IDs and other contextual information.
 519
 520     - `LOG-1 <https://jira.onap.org/browse/LOG-1>`_ Transaction ID propagation.
 521     - `LOG-2 <https://jira.onap.org/browse/LOG-2>`_ Standardized logging provider configuration.
 522     - `LOG-3 <https://jira.onap.org/browse/LOG-3>`_ Elastic Stack reference analytics pipeline.
 523     - `LOG-4 <https://jira.onap.org/browse/LOG-4>`_ Transaction ID conventions.
 524
 525 **Bug Fixes**
 526
 527     - `LOG-64 <https://jira.onap.org/browse/LOG-64>`_ Logger field has a length restriction of 36 which needs a fix.
 528     - `LOG-74 <https://jira.onap.org/browse/LOG-74>`_ Extract componentName from the source path of log files.
 529
 530 **Known Issues**
 531
 532     - `LOG-43 <https://jira.onap.org/browse/LOG-43>`_
 533       Unable to find logback xml for DMaaP component.
 534       Logging file for DMaaP is available in this jar "eelf-core-0.0.1.jar".
 535
 536     - `LOG-65 <https://jira.onap.org/browse/LOG-65>`_
 537       SO Logging Provider Config File need correction in Timestamp MDC.
 538       Logging provider configuration file for SO i.e. logback files requires correction in Timestamp MDC for correct MDC generation in log.
 539       The current pattern prints Timestamp as 2017-09-25 05:30:07,832. Expected  pattern is - 2017-09-25T05:30:07.832Z.
 540
 541     - `LOG-80 <https://jira.onap.org/browse/LOG-80>`_ Kibana does not seem to show all the logs from application pods.
 542       The content of the log directories (/var/log/onap/mso) are not 100% reflected in Kibana.
 543
 544     - `LOG-88 <https://jira.onap.org/browse/LOG-88>`_
 545       SO log format error during Health Check - blocking tracking jira for SO-246.
 546
 547 **Security Issues**
 548       None
 549
 550 **Upgrade Notes**
 551       None
 552
 553 **Deprecation Notes**
 554       None
 555
 556 **Other**
 557       None
 558
 559 ===========
 560
 561 End of Release Notes