Logging is very important for modern systems. We use it for various reasons:
Application monitoring and debugging.
Audit logging: E.g. record specific actions of your users and systems.
Security Event Monitoring: e.g. provide information to a SIEM or SOAR system that will trigger based on the information provided in these logs.
The user should have a basic understanding of logging and where to log for.
The user understands the risks of log spoofing and leaking log information.
The user will be able to do a simple log spoofing attack.
The user will be able to tell the basic risks involved in logging.
Last updated 1 year ago
Was this helpful?
