This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Poor Logging Practice: Multiple Loggers"
From OWASP
Weilin Zhong (talk | contribs) (→Description) |
(Reverting to last version not containing links to www.textallial.com) |
||
(5 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | {{ | + | {{template:CandidateForDeletion}} |
− | |||
− | + | #REDIRECT [[Poor Logging Practice]] | |
− | + | ||
+ | |||
+ | Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}''' | ||
==Description== | ==Description== | ||
+ | |||
+ | It is a poor logging practice to use multiple loggers rather than logging levels in a single class. | ||
Good logging practice dictates the use of a single logger that supports different logging levels for each class. | Good logging practice dictates the use of a single logger that supports different logging levels for each class. | ||
− | ==Examples == | + | |
+ | |||
+ | ==Risk Factors== | ||
+ | |||
+ | TBD | ||
+ | |||
+ | ==Examples== | ||
The following code errantly declares multiple loggers. | The following code errantly declares multiple loggers. | ||
Line 27: | Line 36: | ||
</pre> | </pre> | ||
− | |||
− | ==Related Attacks== | + | ==Related [[Attacks]]== |
+ | |||
+ | * [[Attack 1]] | ||
+ | * [[Attack 2]] | ||
+ | |||
+ | |||
+ | ==Related [[Vulnerabilities]]== | ||
+ | |||
+ | * [[Vulnerability 1]] | ||
+ | * [[Vulnerabiltiy 2]] | ||
+ | |||
+ | ==Related [[Controls]]== | ||
+ | |||
+ | * [[Control 1]] | ||
+ | * [[Control 2]] | ||
+ | |||
− | ==Related | + | ==Related [[Technical Impacts]]== |
− | + | * [[Technical Impact 1]] | |
+ | * [[Technical Impact 2]] | ||
− | |||
− | [[ | + | ==References== |
+ | Note: A reference to related [http://cwe.mitre.org/ CWE] or [http://capec.mitre.org/ CAPEC] article should be added when exists. Eg: | ||
− | [[ | + | * [http://cwe.mitre.org/data/definitions/79.html CWE 79]. |
+ | * http://www.link1.com | ||
+ | * [http://www.link2.com Title for the link2] | ||
− | |||
− | |||
− | + | __NOTOC__ |
Latest revision as of 18:29, 27 May 2009
#REDIRECT Poor Logging Practice
Last revision (mm/dd/yy): 05/27/2009
Description
It is a poor logging practice to use multiple loggers rather than logging levels in a single class.
Good logging practice dictates the use of a single logger that supports different logging levels for each class.
Risk Factors
TBD
Examples
The following code errantly declares multiple loggers.
public class MyClass { private final static Logger good = Logger.getLogger(MyClass.class); private final static Logger bad = Logger.getLogger(MyClass.class); private final static Logger ugly = Logger.getLogger(MyClass.class); ... }
Related Attacks
Related Vulnerabilities
Related Controls
Related Technical Impacts
References
Note: A reference to related CWE or CAPEC article should be added when exists. Eg: