Apps
- mozlog
  - Basic set of fields encoded in JSON format
- OWASP Logging Cheat Sheet
  - High-level list of events an application should record:
    - Input validation failures; for example, protocol violations, unacceptable encodings, invalid parameter names and values
    - Output validation failures, such as database record-set mismatches and invalid data encoding
    - Authentication successes and failures
    - Authorization (access control) failures
    - Session management failures; for example, modification of the session-identifier value in a cookie
    - Application errors and system events, such as syntax and runtime errors, connectivity problems, performance issues, third-party service error messages, filesystem errors, file-upload virus detection, and configuration changes
    - Application and related-system start-ups and shut-downs, and logging initialization (starting, stopping, or pausing)
    - Use of higher-risk functionality; for example, network connections, adding or deleting users, changes to privileges, assigning users to tokens, adding or deleting tokens, use of system administrative privileges, access by application administrators, all actions by users with administrative privileges, access to payment-cardholder data, use of data-encrypting keys, key changes, creation and deletion of system-level objects, data import and export including screen-based reports, and submission of user-generated content, especially file uploads
    - Legal and other opt-ins, such as permissions for mobile phone capabilities, terms of use, terms and conditions, personal data-usage consent, and permission to receive marketing communications
- OWASP AppSensor
  - Outlines a sophisticated method by which applications can detect and respond to attacks using complex logging and event-analysis techniques
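The two items above fit together: the OWASP event categories say what an application should record, and mozlog says how to encode each record as JSON. This added example (not from the page, mozlog or OWASP) maps the OWASP categories to syslog severities and emits mozlog-style records; the mozlog field names are written from memory and should be checked against the current spec, and the secret-field deny-list is a constructed illustration.

```python
import json
import os
import socket
import time

# Added example: emit the OWASP Logging Cheat Sheet event categories as
# mozlog-style JSON records. Field names (Timestamp in ns, Type, Logger,
# Hostname, EnvVersion, Pid, Severity, Fields) are from memory; verify them.
# Severity uses syslog numeric levels (0 = emergency ... 7 = debug).
EVENT_SEVERITY = {
    "input_validation_failure": 4,   # warning
    "output_validation_failure": 3,  # error
    "authn_success": 6,              # info
    "authn_failure": 4,
    "authz_failure": 4,
    "session_failure": 3,
    "app_error": 3,
    "lifecycle": 6,                  # start-up, shut-down, logging init
    "high_risk_action": 5,           # notice
    "consent": 6,
}

# Constructed deny-list: values a security log must never carry verbatim.
SECRET_FIELDS = {"password", "session_id", "token", "card_number"}

def secret_fields_in(fields):
    """Return the names in `fields` that would leak a secret into the log."""
    return sorted(SECRET_FIELDS.intersection(fields))

def mozlog_record(event, fields, logger="myapp", now_ns=None):
    """Build one mozlog-style record; reject unknown events and secret fields."""
    if event not in EVENT_SEVERITY:
        raise ValueError(f"unknown event type: {event}")
    leaked = secret_fields_in(fields)
    if leaked:
        raise ValueError(f"refusing to log secret field(s): {leaked}")
    return {
        "Timestamp": time.time_ns() if now_ns is None else now_ns,
        "Type": event,
        "Logger": logger,
        "Hostname": socket.gethostname(),
        "EnvVersion": "2.0",
        "Pid": os.getpid(),
        "Severity": EVENT_SEVERITY[event],
        "Fields": dict(fields),
    }

def emit(event, **fields):
    """Serialise one record as a single JSON line for a log shipper."""
    return json.dumps(mozlog_record(event, fields), sort_keys=True)
```

A call such as `emit("authn_failure", user="alice", src_ip="203.0.113.5", reason="bad_password")` yields one JSON line per event, which is what a shipper such as a syslog forwarder or SIEM agent expects.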