Elastic Configuration
- MDM
- Limiting log access based on zone is a priority requirement.
- Still need to create a custom realm so that
MDM Service Configuration
MDM + Elastic service configuration is required only once.
Log File
- Is there a log per zone or one large log file?
- File location
- Grok patterns
- ElasticSearch default superuser username/password needs to be changed
Per Zone Configuration
Users and roles need to be considered on a per-zone basis. Notifications need to follow the naming conventions defined here so that log messages can be properly indexed.
- Create user per zone
- Created via API on POST /zone - should be identical to zone name
- Updated if zone name is changed
- Create roles for zone
- Created via API on POST /zone - should be identical to zone name
- Update if zone name is changed
- Set appropriate role/cluster privileges
- Set appropriate index privileges (indices)
- Filters added per role
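
The per-zone steps above, sketched as the Elasticsearch security API requests (`/_security/role/<name>`, `/_security/user/<name>`) that MDM could issue when a zone is created or renamed. This is an added example, not MDM's own code. The function names, the `mdm-logs-*` index pattern, the `zone` field and the empty cluster privilege list are assumptions.

```python
import json
import secrets
from urllib.parse import quote

LOG_INDEX_PATTERN = "mdm-logs-*"  # assumption: index pattern holding MDM logs
ZONE_FIELD = "zone"               # assumption: keyword field with the zone name


def _path(kind, name):
    # The zone name becomes part of the URL path, so percent-encode all of it.
    return f"/_security/{kind}/{quote(name, safe='')}"


def zone_create_requests(zone, password=None):
    """Requests for POST /zone: the role first, then the user that holds it."""
    if not zone or zone != zone.strip():
        raise ValueError("zone name must be non-empty, no surrounding whitespace")
    role = {
        "cluster": [],  # assumption: zone users need no cluster privileges
        "indices": [{
            "names": [LOG_INDEX_PATTERN],
            "privileges": ["read"],
            # Per-role filter (document-level security): only this zone's logs.
            # Built with json.dumps so the zone name is never spliced into JSON.
            "query": json.dumps({"term": {ZONE_FIELD: zone}}),
        }],
    }
    user = {"password": password or secrets.token_urlsafe(24), "roles": [zone]}
    return [("PUT", _path("role", zone), role),
            ("PUT", _path("user", zone), user)]


def zone_rename_requests(old, new, password=None):
    """User and role names are path keys, so a rename is create-new, delete-old."""
    return zone_create_requests(new, password) + [
        ("DELETE", _path("user", old), None),
        ("DELETE", _path("role", old), None),
    ]


if __name__ == "__main__":
    # Constructed zone names, including one that needs path encoding.
    for method, path, body in zone_rename_requests("zone-a", "zone b/2"):
        print(method, path, json.dumps(body) if body else "")
```

Creating the new user and role before deleting the old ones keeps the zone's log access from lapsing mid-rename, and deleting the old role afterwards ensures a stale name cannot keep reading that zone's documents.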