Logs are a handy tool to spot mistakes and debug code. For engineers and, specifically, in a DevOps environment, the logs are a very valuable tool.
When a security breach occurs, your log files are the first place to look for clues about what happened. But with a large number of different frameworks available for logging in Java applications, how do you pick the right one? More importantly, how to do Java logging right?
In the blog post "Java logging: what should you log and what not?" I am discussing:
- What should we log? (Covering the 5W-H model)
- Logging security events
- What shouldn’t we log?
- Implementing security logging in Java
What are your 2-cents on this topic. Please share.