OWASP Security Logging library for Java
Vulnerabilities Addressed:
Additional Features:
This release includes the following:
Note: Two prior versions (1.1.1 and 1.1.2) were released to Maven Central, but never tagged on GitHub. This description also includes features included in those prior releases.
Version 1.1.0 introduces separate projects for Logback and Log4j support, and a common set of shared classes. To use Logback, add the security-logging-logback dependency to pom.xml. Log4j users should include security-logging-log4j. Maven builds will automatically include security-logging-common. Developers are responsible for providing their own Logback or Log4j dependencies.
This release also includes:
This release introduces the following features - security logging markers with secrutiy levels to identify security log events - appender to isolate security events, based on their secruity level - security layout for a standard format of security log events