log forging issue - any common solution?
It means if we logged info which user input directly , log file were not safe, for example,
if user input name as "Ryan\n\n", in log file will produce two new lines, attacker will use
this to do log forging, so we should do some encoding before logging, for example ,
input name : Ryan\n\n we should uses encode(name) method to replace some unsafe
char like \n.
1. Our web application using Log4J, CommonLog for different layer, any good
way to prevent log forging? we suppose if any common Utils exist?
2. I also saw ESAPI, but we should better not bring new jar into our project,
any solution like wrapping the Log4J to make a safe logger ?
We're currently using Splunk. I think it's probably one of the best log indexing tools I've used.
Another common one that's open source is Logstash
I used splunk is perfect.