This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Practical Logging In Web Applications

From OWASP
Revision as of 01:40, 8 August 2007 by Arshan (talk | contribs) (Identity Flow Through Application Layers)

Jump to: navigation, search

The Problem

Identity Flow Through Application Layers

All web application security experts will tell you how important logging is [1][2][3][4]. How else can you detect attacks, successful or otherwise? Logs should allow you to replay a user's request lifecycle. In an enterprise web application, this is a lot of work and I'm not happy to tell you not many people are doing it right.

There's generally two things development teams have to figure out when architecting a logging strategy; what to log and when to log.

When to Log

There's sdfsdf sdfsdfsdf sdfsdfsdf

What to Log

- date and time
- server IP
- source IP
- URL requested
- module/action/class responsible
- user ID
- description of the event
- severity level


References

http://msdn2.microsoft.com/en-US/library/aa302420.aspx#c04618429_004

Retrieved from "https://wiki.owasp.org/index.php?title=Practical_Logging_In_Web_Applications&oldid=20654"