{% set baseFontFamily = "Open Sans" %} /* Add the font family you wish to use. You may need to import it above. */

{% set headerFontFamily = "Open Sans" %} /* This affects only headers on the site. Add the font family you wish to use. You may need to import it above. */

{% set textColor = "#565656" %} /* This sets the universal color of dark text on the site */

{% set pageCenter = "1400px" %} /* This sets the width of the website */

{% set headerType = "fixed" %} /* To make this a fixed header, change the value to "fixed" - otherwise, set it to "static" */

{% set lightGreyColor = "#f7f7f7" %} /* This affects all grey background sections */

{% set baseFontWeight = "normal" %} /* More than likely, you will use one of these values (higher = bolder): 300, 400, 700, 900 */

{% set headerFontWeight = "normal" %} /* For Headers; More than likely, you will use one of these values (higher = bolder): 300, 400, 700, 900 */

{% set buttonRadius = '40px' %} /* "0" for square edges, "10px" for rounded edges, "40px" for pill shape; This will change all buttons */

After you have updated your stylesheet, make sure you turn this module off

Centralize Logging

by Serge Truth on January 6, 2011

Here is another article to keep up with the theme of centralizing information security functionality. The security functions that may be centralized effectively are:Centralize Logging input and data validation, auditing and logging, and error handling. These functions should behave similarly throughout the application and that is why it makes sense to put them in one place. Putting them in one place also helps make sure that this functionality is mature and well developed, because it is easier to evaluate it when it is distinct from the rest of the code. This article is focused on centralizing logging functions.

Write a dedicated logging library or class and use it whenever log entries have to be generated, because a centralized logging subsystem is simpler to maintain and implement correctly. Perform the following actions to centralize logging:

1.   Identify existing logging functionality. Examine the application architecture to identify logging facilities, such as the logging API and where audit trails are actually stored. Make a list of APIs used to log events, document how to use them, and where they store logs.

2.   Design the logging subsystem. Design and implement a class or library specifically for logging. When designing the logging subsystem, consider sending logs to a remote log server. Consider the following factors when designing the logging subsystem:

·         Log throttling

·         Logging important event details

·         Logging important security operations

·         Logging important business operations

·         Monitoring the use of privileged accounts

·         Logging user management events

·         Avoiding including sensitive information in logs

·         Logging unusual activity

·         Sending logs to a centralized server

3.   Implement the logging subsystem. Write code that generates log entries according to your design.

4.   Use the logging subsystem. Use the logging class or library whenever logs are generated. If earlier code exists that generates log entries, replace it with calls to the new logging subsystem API.

Topics: developer guidance

Most Recent

What's Trending

Featured Resource