28 May 2013

Useful link:How to add a security log level in log4j

I always think about how to log a ... security events.
During reading various stuff about security i found  a perfect solution for my needs.

 Solution is to add a new level to log4j.

On OWASP page you can  finds a interesting article about adding security log level to log4j.

I have only one concern about where put security in level set.
I believe it should be between ERROR and WARN ,where in OWASP's example is between WARN and INFO.

Probably there are right,but i will stick to my decision.I don't have any wise sound-like reason why it should be there .(for me security level shoud be a more important than just warning,but security is not a error).


Article was written by Arshan Dabirsiaghi on owasp website
Link can be found below:
https://www.owasp.org/index.php/How_to_add_a_security_log_level_in_log4j
based on example from:
http://jaikiran.wordpress.com/2006/07/12/create-your-own-logging-level-in-log4j/

I will add this level to level set in my micro project where I will practice skills (scala, play framework 2.x) .