You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are currently preparing for the upcoming 1.0 GA release. Feature requests that are not aligned with
the current roadmap and are not aimed at stabilizing and preparing the Collector for the release will
not be prioritized.
Is your feature request related to a problem? Please describe.
The integration of OSCAL(Open Security Controls Assessment Language) data collection would significantly enhance OpenTelemetry's capabilities, particularly in the areas of security compliance and risk management.
Many organizations are increasingly relying on OSCAL as a standardized format to manage and assess their security controls and compliance with various frameworks (e.g., NIST, FedRAMP). Currently, there is no seamless way to collect, process, or analyze OSCAL data within the OpenTelemetry ecosystem. Enabling OpenTelemetry to natively support OSCAL data would bridge this gap and provide a unified observability solution that includes security controls assessment alongside traditional telemetry data.
Describe the solution you'd like
Data Model Extension:
Extend OpenTelemetry’s data model to support OSCAL data types, including assessment plans, system security plans, and control implementations.
Ensure compatibility with existing OpenTelemetry constructs like traces, metrics, and logs.
Collector Integration:
Develop or extend existing OpenTelemetry collectors to ingest OSCAL data from various sources, such as JSON, XML, or YAML files.
Implement parsers that can translate OSCAL data formats into OpenTelemetry's internal data representation.
Processing and Correlation:
Implement processors to correlate OSCAL data with existing telemetry data (e.g., associating security controls with specific services or infrastructure components based on trace IDs or other metadata).
Allow enrichment of telemetry data with relevant security compliance information derived from OSCAL documents.
Exporters and Storage:
Develop exporters that can export OSCAL data alongside other telemetry data to backends that support compliance and security monitoring.
Consider storage format options to ensure that OSCAL data can be efficiently queried and analyzed in conjunction with other telemetry data.
Describe alternatives you've considered
Additional context
The text was updated successfully, but these errors were encountered:
Important (read before submitting)
We are currently preparing for the upcoming 1.0 GA release. Feature requests that are not aligned with
the current roadmap and are not aimed at stabilizing and preparing the Collector for the release will
not be prioritized.
Is your feature request related to a problem? Please describe.
The integration of OSCAL(Open Security Controls Assessment Language) data collection would significantly enhance OpenTelemetry's capabilities, particularly in the areas of security compliance and risk management.
Many organizations are increasingly relying on OSCAL as a standardized format to manage and assess their security controls and compliance with various frameworks (e.g., NIST, FedRAMP). Currently, there is no seamless way to collect, process, or analyze OSCAL data within the OpenTelemetry ecosystem. Enabling OpenTelemetry to natively support OSCAL data would bridge this gap and provide a unified observability solution that includes security controls assessment alongside traditional telemetry data.
Describe the solution you'd like
Describe alternatives you've considered
Additional context
The text was updated successfully, but these errors were encountered: