openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
enterprise-4.21
openshift-docs/networking/network_security/logging-network-security.adoc
EricPonvelle b33f11ed22 OSDOCS-14508: Prune networking
2025-09-24 15:38:31 +00:00

51 lines
2.1 KiB
Plaintext
Raw Permalink Blame History

:_mod-docs-content-type: ASSEMBLY
[id="logging-network-security"]
= Audit logging for network security
include::_attributes/common-attributes.adoc[]
:context: logging-network-security
toc::[]
The OVN-Kubernetes network plugin uses Open Virtual Network (OVN) access control lists (ACLs) to manage `AdminNetworkPolicy`, `BaselineAdminNetworkPolicy`, `NetworkPolicy`, and `EgressFirewall` objects. Audit logging exposes `allow` and `deny` ACL events for `NetworkPolicy`, `EgressFirewall` and `BaselineAdminNetworkPolicy` custom resources (CR). Logging also exposes `allow`, `deny`, and `pass` ACL events for `AdminNetworkPolicy` (ANP) CR.
[NOTE]
====
Audit logging is available for only the xref:../../networking/ovn_kubernetes_network_provider/about-ovn-kubernetes.adoc#about-ovn-kubernetes[OVN-Kubernetes network plugin].
====
include::modules/nw-audit-configuration.adoc[leveloffset=+1]
include::modules/nw-operator-cr.adoc[tag=policy-audit]
// Audit logging
include::modules/nw-networkpolicy-audit-concept.adoc[leveloffset=+1]
[role="_additional-resources"]
.Additional resources
* xref:../../networking/network_security/network-policy-apis.adoc#network-policy-apis[Understanding network policy APIs]
include::modules/nw-anp-audit-logging-concept.adoc[leveloffset=+1]
include::modules/nw-banp-audit-logging-concept.adoc[leveloffset=+1]
include::modules/nw-networkpolicy-audit-configure.adoc[leveloffset=+1]
include::modules/nw-networkpolicy-audit-enable.adoc[leveloffset=+1]
include::modules/nw-networkpolicy-audit-disable.adoc[leveloffset=+1]
ifndef::openshift-rosa-hcp[]
[id="{context}-additional-resources"]
[role="_additional-resources"]
== Additional resources
ifdef::openshift-rosa,openshift-enterprise[]
* xref:../../networking/network_security/network_policy/about-network-policy.adoc#about-network-policy[About network policy]
endif::openshift-rosa,openshift-enterprise[]
ifndef::openshift-dedicated,openshift-rosa[]
* xref:../../networking/network_security/egress_firewall/configuring-egress-firewall-ovn.adoc#configuring-egress-firewall-ovn[Configuring an egress firewall for a project]
endif::openshift-dedicated,openshift-rosa[]
endif::openshift-rosa-hcp[]
View Git Blame Copy Permalink