Commit 24edd26

Updates diagrams
1 parent d7b0996 commit 24edd26

1 file changed

Lines changed: 87 additions & 0 deletions

operations-advisory/multi-cloud-operating-models/operational-security/CISDashboard/README.md

@@ -12,6 +12,93 @@ The **CIS Compliance Dashboard** solution builds the following:
1212

1313
**Architecture diagram**
1414

15+
**Setup flow**
16+
17+
```mermaid
18+
%%{init: {"theme": "base", "look": "handDrawn", "themeVariables": {"fontFamily": "Oracle Sans, OracleSans, Arial, Helvetica, sans-serif", "fontWeight": "700", "primaryColor": "#fff7e6", "primaryBorderColor": "#2f4858", "primaryTextColor": "#1f2933", "lineColor": "#2f4858", "secondaryColor": "#e8f4f8", "tertiaryColor": "#f5eef8", "clusterBkg": "#fbfbf2", "clusterBorder": "#6b7280"}}}%%
19+
flowchart LR
20+
operator["Security / Cloud Operations User"]
21+
22+
subgraph setup["<b><span style='font-size:20px'>One-time Log Analytics Setup</span></b>"]
23+
log_group["Log Analytics Log Group"]
24+
terraform["Terraform Import<br/>oci_log_analytics_import_custom_content"]
25+
zip_content["Custom Content ZIP Files<br/>Log sources and parsers"]
26+
log_sources["Custom Log Sources and Parsers<br/>CISSummary, CISIdentity, CISNetworking,<br/>CISCompute, CISLoggingMonitoring, CISStorage"]
27+
dashboard_json["CISDashboard3.0.json"]
28+
dashboard["OCI Management Dashboard<br/>Saved searches, filters, widgets"]
29+
end
30+
31+
operator -->|"Creates / selects"| log_group
32+
operator -->|"Runs terraform apply"| terraform
33+
zip_content -->|"Referenced by terraform.tfvars"| terraform
34+
terraform -->|"Imports / overwrites"| log_sources
35+
log_sources -->|"Available to parse uploads in"| log_group
36+
operator -->|"Imports dashboard JSON"| dashboard_json
37+
dashboard_json --> dashboard
38+
dashboard -->|"Queries Log Analytics data in"| log_group
39+
40+
style setup font-size:20px,font-weight:700
41+
classDef person fill:#fff3bf,stroke:#7a4f01,stroke-width:2px,color:#1f2933
42+
classDef tool fill:#dff3ff,stroke:#0f5f7a,stroke-width:2px,color:#1f2933
43+
classDef content fill:#f6e7ff,stroke:#6f3c8f,stroke-width:2px,color:#1f2933
44+
classDef oci fill:#e8f8ee,stroke:#2f7d46,stroke-width:2px,color:#1f2933
45+
class operator person
46+
class terraform,dashboard_json tool
47+
class zip_content,log_sources content
48+
class log_group,dashboard oci
49+
linkStyle default stroke:#2f4858,stroke-width:2px,stroke-dasharray:5 4
50+
```
51+
52+
**Compliance execution flow**
53+
54+
```mermaid
55+
%%{init: {"theme": "base", "look": "handDrawn", "themeVariables": {"fontFamily": "Oracle Sans, OracleSans, Arial, Helvetica, sans-serif", "fontWeight": "700", "primaryColor": "#fff7e6", "primaryBorderColor": "#2f4858", "primaryTextColor": "#1f2933", "lineColor": "#2f4858", "secondaryColor": "#e8f4f8", "tertiaryColor": "#f5eef8", "clusterBkg": "#fbfbf2", "clusterBorder": "#6b7280"}}}%%
56+
flowchart LR
57+
operator["Security / Cloud Operations User"]
58+
59+
subgraph tenancy["OCI Tenancy"]
60+
resources["OCI Resources<br/>IAM, Networking, Compute,<br/>Logging, Storage"]
61+
cis_script["OCI CIS Compliance Script<br/>cis_reports.py"]
62+
csv_reports["CIS CSV Reports<br/>summary and finding files"]
63+
uploader["cisla_upload.py<br/>Cloud Shell delegation token,<br/>instance principal, security token,<br/>or OCI config auth"]
64+
namespace["Object Storage Namespace Lookup"]
65+
la_upload["Log Analytics<br/>On-demand Upload API"]
66+
log_group["Log Analytics Log Group"]
67+
log_sources["Imported CIS Log Sources and Parsers"]
68+
la_data["Parsed CIS Compliance Records"]
69+
dashboard["OCI Management Dashboard<br/>CIS3.0 Compliance"]
70+
end
71+
72+
operator -->|"Runs upload script with report directory and log group OCID"| uploader
73+
operator -->|"Runs CIS assessment"| cis_script
74+
resources -->|"Scanned by"| cis_script
75+
cis_script -->|"Generates"| csv_reports
76+
csv_reports --> uploader
77+
uploader -->|"Gets namespace"| namespace
78+
uploader -->|"Maps each CSV to a CIS log source"| la_upload
79+
namespace --> la_upload
80+
la_upload -->|"Stores in"| log_group
81+
log_sources -->|"Parse matching CSV records"| log_group
82+
log_group --> la_data
83+
la_data -->|"Queried by Log Analytics saved searches"| dashboard
84+
operator -->|"Reviews findings and trends"| dashboard
85+
86+
style tenancy font-size:20px,font-weight:700
87+
classDef person fill:#fff3bf,stroke:#7a4f01,stroke-width:2px,color:#1f2933
88+
classDef source fill:#e8f8ee,stroke:#2f7d46,stroke-width:2px,color:#1f2933
89+
classDef script fill:#dff3ff,stroke:#0f5f7a,stroke-width:2px,color:#1f2933
90+
classDef data fill:#f6e7ff,stroke:#6f3c8f,stroke-width:2px,color:#1f2933
91+
classDef service fill:#fde2e2,stroke:#9b2c2c,stroke-width:2px,color:#1f2933
92+
class operator person
93+
class resources,log_group,dashboard source
94+
class cis_script,uploader script
95+
class csv_reports,namespace,la_data data
96+
class la_upload,log_sources service
97+
linkStyle default stroke:#2f4858,stroke-width:2px,stroke-dasharray:5 4
98+
```
99+
100+
The dashboard has two main paths: a setup path that imports the Log Analytics custom content and dashboard definition, and an operational path that runs the CIS assessment, uploads selected CSV outputs, and visualizes the parsed findings in the OCI Management Dashboard.
101+
15102
You can see an example of how the CIS Dashboard looks like below:
16103

17104
![CIS Dashboard Example](./files/images/CISDashboard_example.png)
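
Review bot: The summary paragraph and the compliance execution diagram disagree about what gets uploaded: the paragraph says the operational path "uploads selected CSV outputs", while the edge `uploader -->|"Maps each CSV to a CIS log source"| la_upload` reads as if every report file is sent. Pick one wording, and if only some CSVs are uploaded, say in the label or the paragraph what happens to files that have no matching log source. In the same diagram, `operator --> uploader` is listed ahead of `operator --> cis_script`, so the upload step appears before the assessment that produces its input; swapping the two edges keeps the source in execution order. The `uploader` node names four authentication modes, but nothing in the added text says what the calling principal must be allowed to do for the namespace lookup and the on-demand upload, so a short prerequisites sentence would help operators scope that access. In the setup flow, the "Imports / overwrites" label deserves a sentence in the prose, since it indicates that `terraform apply` can replace custom log sources and parsers that already exist. Lastly, `log_group` and `dashboard` are class `oci` in the first diagram and `source` in the second, and `log_sources` moves from `content` to `service`; one shared set of class names would keep the colours consistent across both diagrams.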
