New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improved Logging Facilities [CORE679] #1045
Comments
Modified by: @pcisarissuetype: New Feature [ 2 ] => Improvement [ 4 ] assignee: Dmitry Yemanov [ dimitr ] SF_ID: 1108199 => |
Modified by: @pcisarassignee: Dmitry Yemanov [ dimitr ] => |
Modified by: @pcisarWorkflow: jira [ 10703 ] => Firebird [ 15104 ] |
Commented by: PizzaProgram Ltd. (szakilaci) IMHO more important would be to DISABLE some kind of data being logged: It would be logical to set these parameters by [connection parameters] from the API. Currently this IS an urgent security issue ! |
Commented by: @dyemanov If a thief has full access to your server (where firebird.log resides), then you're out of luck anyway. DBMS can not and should not protect your data in the case of a compromised server-level access. The only possible solution here is database encryption (available in Firebird v3). |
Commented by: @k3ldar Agreed if a thief has access to the server then very little can be done, but, if the success/failed logins could be detected (via more detailed log files) other methods could be used to scan log files and help prevent brute force attacks on public servers running FB. At the moment there is no way of knowing who is trying to connect to the server and failing because of invalid password etc. |
Submitted by: tectsoft (tectsoft)
Votes: 4
SFID: 1108199#
Submitted By: tectsoft
Would be nice to have improved logging facilities.
- Log failed connections. (see request 1107907 as well)
- Log successful connections (user and database).
- log ip address for all log items
- change log file to delimited format for easy importing
into other apps
- Log bandwidth (in/out) by user - Maybe too much but
worth asking :-)
- Log code for easy searching of log's
- Daily log files instead of 1 all encompassing log file.
- Maximum log file count (i.e. delete all log files of a user
specified date)
The text was updated successfully, but these errors were encountered: