This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Poor Logging Practice

From OWASP
Revision as of 16:01, 21 July 2006 by Weilin Zhong (talk | contribs) (Abstract)

Jump to: navigation, search

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

This article includes content generously donated to OWASP by MicroFocus Logo.png

Abstract

Loggers should be declared to be static and final.

Description

It is good programming practice to share a single logger object between all of the instances of a particular class and to use the same logger for the duration of the program.

Examples

The following statement errantly declares a non-static logger. 

	private final Logger logger =     
				Logger.getLogger(MyClass.class);

Related Threats

Related Attacks

Related Vulnerabilities

Related Countermeasures

Categories

Retrieved from "https://wiki.owasp.org/index.php?title=Poor_Logging_Practice&oldid=7739"