Poor Logging Practice: Multiple Loggers

From OWASP
Revision as of 13:29, 27 May 2009 by MediaWiki spam cleanup (talk | contribs) (Reverting to last version not containing links to www.textallial.com)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Template:CandidateForDeletion

#REDIRECT Poor Logging Practice


Last revision (mm/dd/yy): 05/27/2009

Description

It is a poor logging practice to use multiple loggers rather than logging levels in a single class.

Good logging practice dictates the use of a single logger that supports different logging levels for each class.


Risk Factors

TBD

Examples

The following code errantly declares multiple loggers.

	public class MyClass {
	  private final static Logger good =     
				Logger.getLogger(MyClass.class);
	  private final static Logger bad =     
				Logger.getLogger(MyClass.class);
	  private final static Logger ugly =     
				Logger.getLogger(MyClass.class);
	  ...
	}


Related Attacks


Related Vulnerabilities

Related Controls


Related Technical Impacts


References

Note: A reference to related CWE or CAPEC article should be added when exists. Eg: