Fork me on GitHub

Information Gathering -> Logging: Centralized application logging

Risk and Opportunity

Risk: Local stored logs can be unauthorized manipulated by attackers with system access or might be corrupt after an incident. In addition, it is hard to perform an correlation of logs. This leads attacks, which can be performed silently.
Opportunity: A centralized logging system is used and applications logs (including application exceptions) are shipped to it.

Additional Information

Dependencies: Visualized logging, Alerting

Usefulness and Requirements of this Activity

Usefullness: Very High
Required knowledge: Very Low (one discipline)
Required time: Very Low
Required resources (systems): Very Low


ISO27001 2017