ElasticSearch Proposal
Navin Chandra edited this page Aug 25, 2024 · 1 revision
The proposed design uses Elasticsearch to store logs for a period of time (let's assume a week). The discovery engine will query Elasticsearch for aggregated data and recommend policies based on it.
We can also store audit logs and the KIEM report in Elasticsearch, then run a query to get all the permissions used by a subject and compare them with the rules already granted, in order to report over-privileged subjects.
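The comparison described above, sketched as an added example that is not part of the proposal or the project's code. The record shape (`subject`, `verb`, `resource`), the RBAC-like rule shape, and all sample data are assumptions constructed for illustration; in the proposed design the per-subject aggregation would come from an Elasticsearch query rather than an in-memory list.

```python
from collections import defaultdict

# Constructed audit records for the retention window (assumed, simplified shape).
AUDIT_LOGS = [
    {"subject": "sa:payments", "verb": "get", "resource": "secrets"},
    {"subject": "sa:payments", "verb": "get", "resource": "secrets"},
    {"subject": "sa:payments", "verb": "list", "resource": "configmaps"},
    {"subject": "sa:reporter", "verb": "get", "resource": "pods"},
]

# Constructed granted rules per subject (assumed RBAC-like shape).
GRANTED_RULES = {
    "sa:payments": [
        {"verbs": ["get", "list", "delete"], "resources": ["secrets"]},
        {"verbs": ["*"], "resources": ["configmaps"]},
    ],
    "sa:reporter": [{"verbs": ["get"], "resources": ["pods"]}],
    "sa:idle": [{"verbs": ["create"], "resources": ["pods"]}],
}

def used_permissions(logs):
    """Aggregate audit records into the set of (verb, resource) pairs per subject."""
    used = defaultdict(set)
    for rec in logs:
        used[rec["subject"]].add((rec["verb"], rec["resource"]))
    return used

def over_privileged(logs, granted):
    """Return, per subject, grants never exercised and wildcards that can be narrowed."""
    used = used_permissions(logs)
    report = {}
    for subject, rules in granted.items():
        seen = used.get(subject, set())
        unused, narrow = set(), {}
        for rule in rules:
            for res in rule["resources"]:
                for verb in rule["verbs"]:
                    if verb == "*":
                        # A wildcard cannot be enumerated; suggest the observed verbs instead.
                        narrow[res] = sorted(v for v, r in seen if r == res)
                    elif (verb, res) not in seen:
                        unused.add((verb, res))
        if unused or narrow:
            report[subject] = {"unused": sorted(unused), "narrow_wildcard_to": narrow}
    return report

if __name__ == "__main__":
    for subject, finding in over_privileged(AUDIT_LOGS, GRANTED_RULES).items():
        print(subject, finding)
```

A permission exercised less often than the log retention window (a week in the proposal) will show up as unused, so the output is a list of candidates to review, not rules that are safe to remove automatically.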