XWiki Infrastructure / XINFRA-421 Open

Improve documentation of application security logging

 

Issue created

 
Sebastian Klipper created this issue on 11/Sep/24 10:29
 
Summary: Improve documentation of application security logging
Issue Type: Improvement
Assignee: Unassigned
Components: www.xwiki.org
Created: 11/Sep/24 10:29
Labels: security
Priority: Critical
Reporter: Sebastian Klipper
Description:

"In the log administration, there are about 2500 loggers, each with five log levels. However, it’s unclear what a specific logger actually logs when it’s configured."

"There is no central exhaustive documentation of all the logs that exist right now (and there probably never will be)"

Monitoring XWiki from a security perspective is not straightforward. From a security (and, of course, privacy) perspective, you need a clear understanding of what your logger configuration actually does.

The OWASP Logging Vocabulary Cheat Sheet offers a standardized vocabulary for logging security-relevant events. It can also be seen as a list of key security events that should be logged.

The Documentation Draft for Application Security Logging is designed to document the corresponding logger configuration in logback.xml for each event listed in the OWASP Logging Vocabulary Cheat Sheet.