Concept

Logging is very important for modern systems. We use it for various reasons:

• Application monitoring and debugging.

• Audit logging: E.g. record specific actions of your users and systems.

• Security Event Monitoring: e.g. provide information to a SIEM or SOAR system that will trigger based on the information provided in these logs.

Goals

• The user should have a basic understanding of logging and where to log for.

• The user understands the risks of log spoofing and leaking log information.

• The user will be able to do a simple log spoofing attack.

• The user will be able to tell the basic risks involved in logging.