"This article examines the dismal state of application-layer logging as observed from the authors� years of experience in performing source code security analysis on millions of lines of code. It argues that effective logging is often ignored in the push for application security and demonstrates how applications can benefit from a real-time detection of attacks. An idea of a practical implementation is discussed, along with an examination of some of the associated risks and costs."

Article Link: http://www.securityfocus.com/infocus/1888