From 986478eab823750ad6934838c7f497f169949c47 Mon Sep 17 00:00:00 2001
From: Major Hayden <major@mhtx.net>
Date: Wed, 7 Oct 2015 14:52:41 -0500
Subject: [PATCH] V-3852{0,1}: Back up log/audit records

Implements: blueprint security-hardening

Change-Id: I8ce5af2f7ef2a7bf9da8ba91c55cd313eca5f268
---
 doc/source/developer-notes/V-38520.rst | 8 ++++++++
 doc/source/developer-notes/V-38521.rst | 1 +
 2 files changed, 9 insertions(+)
 create mode 100644 doc/source/developer-notes/V-38520.rst
 create mode 120000 doc/source/developer-notes/V-38521.rst

diff --git a/doc/source/developer-notes/V-38520.rst b/doc/source/developer-notes/V-38520.rst
new file mode 100644
index 00000000..013b4a7e
--- /dev/null
+++ b/doc/source/developer-notes/V-38520.rst
@@ -0,0 +1,8 @@
+**Exception**
+
+At the moment, openstack-ansible already sends logs to the rsyslog container
+from various containers and hosts. However, deployers are strongly urged
+to forward these logs to a system outside their openstack-ansible environment
+to ensure that they cannot be altered.
+
+Some compliance programs require centralized logging, including PCI-DSS.
diff --git a/doc/source/developer-notes/V-38521.rst b/doc/source/developer-notes/V-38521.rst
new file mode 120000
index 00000000..460b4106
--- /dev/null
+++ b/doc/source/developer-notes/V-38521.rst
@@ -0,0 +1 @@
+V-38520.rst
\ No newline at end of file