What information should I collect when a user performs an action on a website?
In the development of an organization's web system (containing sensitive information) with credentials, where the actions carried out must be monitored, what information should I keep when each action takes place?
For example, let's suppose the administrator accepts a transaction and months later he says "It wasn't me". We should have the correct pieces of information (apart from the login credentials used at the moment) to check if it was him or not, at least to support a legal act.
The minimum information I guess that should be considered:
- IP at the moment of the action.
- Exact date.
- The values before and after the transaction.
I understand that this depends a lot on the context, so in that case, let's answer for the example I wrote.
Demir last edited by
I will assume the example that you mentioned:
IP at the moment of the action.
This is good
Also good if you add the time as well
The values before and after the transaction.
This is also good but I would probably detail it and add some more info as:
- Transaction ID
- Quantity sent
- Type of transaction
- Sender and Receiver (including the accounts id, for example)
This is an absolutely NONO for many reasons:
- If you mention credentials I assume that you mean cleartext password, which would imply that they are not hashing psw -> BIG NO
- The idea of logging is to keep a track of the user actions. If an admin is checking logs, why would he need the credentials of the account? Also, take into account that your app should always follow the least privilege principle
In the end what we want to achieve with logging is to ensure non-repudiation. It would not make a lot of sense to add credentials in there. Just imagine how catastrophic would be if that page would be exposed through a XSS or something similar!