FWIW, I have plans to create a log4j-audit subproject that could be used to 
implement what you have described, although it will be done differently than 
what you have done and won’t need any extensions to Log4j 2.  I implemented a 
framework similar to what I have in mind at one of my former employers and it was 
actually the basis for several features that are part of Log4j 2.

Ralph

> On Jan 8, 2016, at 9:13 AM, Bryan Krol <[email protected]> wrote:
> 
> Hello all,
> As part of some other work I have been doing, our team has decided that it 
> would be worth extending the Log4j2 library in such a way as to better 
> support logging of security events.  We also thought what we did would be of 
> interest to the larger Apache community, mostly because the need for 
> application-level security auditing is growing to help mitigate the increase 
> of application security incidents. In order to facilitate better auditing 
> practices, developers now have a need to include better security logging 
> practices in the development process.  Application logs provide valuable data 
> for:
> - Identifying security threats
> - Monitoring policy violations
> - Providing details about problems and unusual conditions
> - Contributing application-specific data for auditing which is lacking in 
>   other sources
> - Helping defend against vulnerability identification and exploitation 
>   through attack detection.
> 
> I have attached a document that more thoroughly explains what we have done 
> and what "problems" we were looking to solve with our changes. 
> I am looking for some guidance on how I should go about submitting these 
> changes back to the Apache Log4j 2.x team for inclusion in the code base. I 
> have implemented both the functionality and the appropriate JUnit code for 
> testing of the additions.
> 
> If anyone could respond with some information to help, I would greatly 
> appreciate it.
> 
> Thank you,
> 
> -- 
> Bryan Krol
> Software Engineer
> Technergetics, LLC
> [email protected]
> Phone: (315) 271-2096
> Fax: (886) 307-4382
> <Security Logging as part of Log4j-v4-20160108_160213.pdf>