Securing the Semantic Logging Application Block
.png "patterns & practices Developer Center")
Consider the following security concerns when deploying and using the Semantic Logging Application Block:
- The event sinks provided with the block do not encrypt the logged event data, which may contain sensitive information. To protect the contents of event logs while in transit over the network and in storage, consider the following:
- When using the SQL Database sink, include any required security options in the connection string in order to ensure that the connections are secure. This will help to protect the data while it is in transit over the network. Also, ensure that permissions to access the database and the tables containing event logs are correctly configured to prevent access by unauthorized users.
- When using the Azure Table Storage sink, specify SSL in the connection string for the Azure storage to protect the data while it is in transit over the network. Also, ensure that permissions to access the storage account and the tables containing event logs are correctly configured to prevent access by unauthorized users. Ensure that your Azure storage keys are kept private.
- When using a flat file sink, use access control lists (ACLs) to restrict access to the log files.
- If you require the stored event logs to be encrypted or sanitized, consider creating a custom formatter that encrypts the information or automatically removes sensitive information from log messages. For information about how to create a custom formatter, see Creating a custom event formatter.
- Consider protecting ETW sessions from unauthorized access by setting permissions on the session. For more information, see the topic Securing Monitoring on MSDN.