  1. XWiki Infrastructure
  2. XINFRA-421

Improve documentation of application security logging

Details

    • Improvement
    • Resolution: Unresolved
    • Critical
    • www.xwiki.org
    • Unknown

    Description

      "In the log administration, there are about 2500 loggers, each with five log levels. However, it’s unclear what a specific logger actually logs when it’s configured."

      "There is no central exhaustive documentation of all the logs that exist right now (and there probably never will be)"

      Monitoring XWiki from a security perspective is not straightforward. From a security perspective (and, of course, privacy perspective), you need to have a clear understanding of what your logger configuration does.

      The OWASP Logging Vocabulary Cheat Sheet offers a standardized vocabulary for logging security-relevant events. It can also be seen as a list of key security events that should be logged.

      The Documentation Draft for Application Security Logging is designed to document the corresponding logger configuration in logback.xml for each event listed in the OWASP Logging Vocabulary Cheat Sheet.

          People

            Unassigned
            CycleSEC Sebastian Klipper