You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@logging.apache.org by "Joubin Jabbari (JIRA)" <ji...@apache.org> on 2019/07/28 23:58:00 UTC

[jira] [Created] (LOG4J2-2665) Incident Response Improvement for Log4J

Joubin Jabbari created LOG4J2-2665:
--------------------------------------

             Summary: Incident Response Improvement for Log4J
                 Key: LOG4J2-2665
                 URL: https://issues.apache.org/jira/browse/LOG4J2-2665
             Project: Log4j 2
          Issue Type: Improvement
          Components: API
    Affects Versions: 2.12.0
            Reporter: Joubin Jabbari


Issue:

Logging something to a file only solves half of the problem. The log needs to readable and distinguishable by auditors and responders. 

This is a proposal to add a optional feature for the instantiation and compile process of the logger. 

 
 # Allow for a description parameter for each log statement. 
 # When the description is filled out, log events that correspond to that description are given a hash number that match the hash of the description 
 # The descriptions of said log are extracted and paired with their hash into a "log description file" during the compile process

Example:

Previous Logging Method
{code:java}
logger.info(user.id + " was able to login")
{code}
Proposed change
{code:java}
logger.info(user.id + " was able to login", description="This log event appears right after every user logs in"){code}
Log File example

Previous:
{code:java}
user132 was able to login
{code}
Proposed:
{code:java}
c58868be25f925102364ba7cf15b4fbcca5d3f11: user132 was able to login
{code}
Proposed log file description file generated during compile time:
{code:java}
c58868be25f925102364ba7cf15b4fbcca5d3f11: This log event appears right after every user logs in{code}
 

 

 



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)