locked
Nee to prepare for Audit trails for my web application RRS feed

  • Question

  • User1052662409 posted

    Hi all,

    I have developed a web application. I need to prepare for audit trails here.

    The following operations I have to develop.

    ===>

    Logging of Authentication Process. Success and failed attempts.

    Logging Authentication details changes.

    Software error and failures logged Should not be possible to retrieve confidential authentication information from these logs (including passwords) Is it possible to uniquely identify both client host and user from these logs?

    Is it possible to review these logs from within application?(Include Reporting of information from logs).

    What level of information is logged by the application (read/write access, modification data, copy/paste data)?

    Are log files time sequential and can they positively identify the time of action?

    Is there any validation of event logs and can missing/deleted entries be discovered or recovered?

    How long do logs exist for?

    What method of backup and recovery event logs exist.

    any reference? any link?

    Thanks

    Wednesday, August 6, 2014 1:53 AM

All replies

  • User-422422004 posted

    I think the answers of all these questions are up to you, what do you want to achrive? I don't think there're any standard answers for your questions.

    If you are asking for logging providers, maybe you can try log4Net.

    thanks.

    Thursday, August 7, 2014 3:03 AM