I'm after a bit of input from some of you guys. What sort of data should I log? What data should I add or remove from my current list...
• The type of event (failed login, account modification.etc)
• Client IP Address
• Proxy IP Address
• Client Agent and Operating System Details
• HTTP Referrer
• Event type specific information. For example, a log entry for a failed login attempt would store the username and password used for that login attempt.
I already know what to log, and that's things such as failed and successful login, customer account modifications including password changes (password changes will be logged separately).etc. I'll be storing the logs in both a database table and text file. This ensures redundancy and flexibility.
I'll be writing a function which will automatically generate most the event data and write it to both the file and the database.
Any suggestions? Am I on the right track here. I've never implemented a logging system before. What order should the event data be in (in the text file). Should the event type come first, or the date and time?