Hi Ralph! Thanks for taking the time to look into it At present, we are using log4j-1.2.x in all our services/applications. Upgrading to log4j-2.x in short term is not really an option for us.
What I'm looking for is a start and stop message which should be logged, if the application (resectivly the log manager) is started and stopped. Ideally, we can achive this with a simple log4j configuration entry, or by extending log4j in such a way (providing our own Layout implementatioon or so). I try to avoid to touch the code base of each of our application because of this requirement. I couln't find some lifecycle callbacks in log4j 1.2.x with which I could do this. Any pointers? Thanks in advance, Christian ----------------- Software Integration Specialist Apache Member V.P. Apache Camel | Apache Camel PMC Member | Apache Camel committer Apache Incubator PMC Member On Mon, Sep 8, 2014 at 5:22 PM, Christian Müller < [email protected]> wrote: > Hello list! > > For PCI requirement 10.2.6 (Initialization, stopping, or pausing of the > audit logs) [1], I'm wondering what the best solution would be from your > point of view? > > The PCI requirement are detailed further in the spec: > Verify the following are logged: > - Initialization of audit logs > - Stopping or pausing of audit logs > > Turning the audit logs off (or pausing them) prior to performing illicit > activities is a common practice for malicious users wishing to avoid > detection. Initialization of audit logs could indicate that the log > function was disabled by a user to hide their actions. > > The PCI auditor told us, "it's enoght" if the application logs when it's > started and when it's stopped. > > [1] https://www.pcisecuritystandards.org/documents/PCI_DSS_v3.pdf > > Thanks in advance, > Christian > ----------------- > > Software Integration Specialist > > Apache Member > V.P. Apache Camel | Apache Camel PMC Member | Apache Camel committer > Apache Incubator PMC Member >
