Logging and Monitoring

Be careful not to write confidential information like user passwords or personally identifiable information in log files in case an attacker gets hold of them. Store your log files in a secure location and encrypt them for the same reason.

tail ./secrets.log

12:59:41.2 INFO sessions.py:124 albert@gmail.com entered password "cowboy77"
12:59:41.8 INFO payments.py:429 User supplied credit card number 4012888888881881
12:59:43.2 INFO profile.py:403 User confirmed social security number is 212-33-1829
12:59:43.8 INFO sessions.py:124 bill@gmail.com entered password "mermaid9"
12:59:48.8 INFO payments.py:810 User supplied CVV code 819