This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Poor Logging Practice: Multiple Loggers"

From OWASP
Jump to: navigation, search
(Description)
(Reverting to last version not containing links to www.textallial.com)
 
(5 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{Template:Vulnerability}}
+
{{template:CandidateForDeletion}}
{{Template:Fortify}}
 
  
==Abstract==
+
#REDIRECT [[Poor Logging Practice]]
  
It is a poor logging practice to use multiple loggers rather than logging levels in a single class.
+
 
 +
 
 +
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
  
 
==Description==
 
==Description==
 +
 +
It is a poor logging practice to use multiple loggers rather than logging levels in a single class.
  
 
Good logging practice dictates the use of a single logger that supports different logging levels for each class.
 
Good logging practice dictates the use of a single logger that supports different logging levels for each class.
  
==Examples ==
+
 
 +
 
 +
==Risk Factors==
 +
 
 +
TBD
 +
 
 +
==Examples==
  
 
The following code errantly declares multiple loggers.
 
The following code errantly declares multiple loggers.
Line 27: Line 36:
 
</pre>
 
</pre>
  
==Related Threats==
 
  
==Related Attacks==
+
==Related [[Attacks]]==
 +
 
 +
* [[Attack 1]]
 +
* [[Attack 2]]
 +
 
 +
 
 +
==Related [[Vulnerabilities]]==
 +
 
 +
* [[Vulnerability 1]]
 +
* [[Vulnerabiltiy 2]]
 +
 
 +
==Related [[Controls]]==
 +
 
 +
* [[Control 1]]
 +
* [[Control 2]]
 +
 
  
==Related Vulnerabilities==
+
==Related [[Technical Impacts]]==
  
==Related Countermeasures==
+
* [[Technical Impact 1]]
 +
* [[Technical Impact 2]]
  
==Categories==
 
  
[[Category:Code Quality Vulnerability]]
+
==References==
 +
Note: A reference to related [http://cwe.mitre.org/ CWE] or [http://capec.mitre.org/ CAPEC] article should be added when exists. Eg:
  
[[Category:Logging and Auditing Vulnerability]]
+
* [http://cwe.mitre.org/data/definitions/79.html CWE 79].
 +
* http://www.link1.com
 +
* [http://www.link2.com Title for the link2]
  
[[Category:Java]]
 
  
[[Category:Implementation]]
 
  
[[Category:Code Snippet]]
+
__NOTOC__

Latest revision as of 18:29, 27 May 2009

Template:CandidateForDeletion 

#REDIRECT Poor Logging Practice


Last revision (mm/dd/yy): 05/27/2009

Description

It is a poor logging practice to use multiple loggers rather than logging levels in a single class.

Good logging practice dictates the use of a single logger that supports different logging levels for each class.


Risk Factors

TBD

Examples

The following code errantly declares multiple loggers. 

	public class MyClass {
	  private final static Logger good =     
				Logger.getLogger(MyClass.class);
	  private final static Logger bad =     
				Logger.getLogger(MyClass.class);
	  private final static Logger ugly =     
				Logger.getLogger(MyClass.class);
	  ...
	}


Related Attacks


Related Vulnerabilities

Related Controls


Related Technical Impacts


References

Note: A reference to related CWE or CAPEC article should be added when exists. Eg:



Retrieved from "https://wiki.owasp.org/index.php?title=Poor_Logging_Practice:_Multiple_Loggers&oldid=62632"