I always think about how to log a ... security events.
During reading various stuff about security i found a perfect solution for my needs.
Solution is to add a new level to log4j.
On OWASP page you can finds a interesting article about adding security log level to log4j.
I have only one concern about where put security in level set.
I believe it should be between ERROR and WARN ,where in OWASP's example is between WARN and INFO.
Probably there are right,but i will stick to my decision.I don't have any wise sound-like reason why it should be there .(for me security level shoud be a more important than just warning,but security is not a error).
Article was written by Arshan Dabirsiaghi on owasp website
Link can be found below:
https://www.owasp.org/index.php/How_to_add_a_security_log_level_in_log4j
based on example from:
http://jaikiran.wordpress.com/2006/07/12/create-your-own-logging-level-in-log4j/
I will add this level to level set in my micro project where I will practice skills (scala, play framework 2.x) .
DOMINIK SYMONOWICZ's blogs - FOREVER HUNGRY of knowledge, sarcasm, smiling, music, dancing, and food ...lots of food. This IT blog is a collection of notes with a simple solution with an explanation, added documentation, sarcastic comment and weird example. I also write about a lesson learnt from my mistakes. A non-it blog can be found here: Dominik Symonowicz's non-IT blog and website
No comments:
Post a Comment