Some types of information are critical to log so that they are available when the time comes to act on or prevent security breaches.
Having critical logs will help you, for example, understand which security flaws attackers exploited (or are trying to exploit) and how to fix them, build a blacklist of IP addresses, or identify compromised customer accounts.
Below are some examples of items that may be interesting to log from a security standpoint. Beware that sensitive information should not end up in application logs. User personal data or identifying information, as well as database query statements and other internal aspects of your app, can be very dangerous to log in an unprotected format.
When analyzing or acting on a possible security breach, it helps to retrace the attacker's steps, and having the invocation payload received by your Lambdas is certainly going to help with that.
Similarly, the response output will help you not only understand which behaviors the attackers were leading your application into, but also record which data points may now be in the possession of a malicious third party.
Logging database queries will also help to identify how attackers are trying to explore your data repositories. In the worst-case scenario, it will tell you what information may have been breached.
Be sure not to log anything sensitive. Usually, query parameters should be omitted from logs (especially if they are user inputs), leaving only the basic query structure.
Authentication requests, especially failed ones, are essential to log. Additionally, make sure to include in the logs everything you can about the requester and the context, such as the IP address and which areas of the application the user was trying to gain access to.
Based on the OWASP Logging Cheat Sheet recommendations, we should be logging: When, Where, Who and What in every function invocation. That’s applicable to all items we discussed above and any other logging scenario in our serverless app.
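The items above can be combined into one structured log record per event. The following is an added example, not code from Dashbird or from the original page: it assumes an API Gateway proxy-style event, and the function names, the `SENSITIVE_KEYS` list and the sample event are hypothetical.

```python
import json
from datetime import datetime, timezone

# Assumed list of field names to mask; adapt it to your own payloads.
SENSITIVE_KEYS = {"password", "token", "authorization", "email", "ssn", "card_number"}

def redact(value):
    """Recursively mask values whose key name marks them as sensitive."""
    if isinstance(value, dict):
        return {k: "[REDACTED]" if k.lower() in SENSITIVE_KEYS else redact(v)
                for k, v in value.items()}
    if isinstance(value, list):
        return [redact(v) for v in value]
    return value

def security_record(event, function_name, request_id, what, **details):
    """Build one JSON log line answering When, Where, Who and What."""
    identity = event.get("requestContext", {}).get("identity", {})
    return json.dumps({
        "when": datetime.now(timezone.utc).isoformat(),
        "where": {"function": function_name, "request_id": request_id,
                  "path": event.get("path")},
        "who": {"source_ip": identity.get("sourceIp"),
                "user_agent": identity.get("userAgent")},
        "what": what,
        "details": redact(details),  # payload fields are masked before logging
    }, sort_keys=True)

def log_query(sql_template, params):
    """Keep the query structure only; parameter values are never written."""
    return {"query": sql_template, "param_count": len(params)}

# Constructed sample event in API Gateway proxy format (not real traffic).
SAMPLE_EVENT = {
    "path": "/admin/users",
    "requestContext": {"identity": {"sourceIp": "203.0.113.7", "userAgent": "curl/8.0"}},
    "body": json.dumps({"username": "alice", "password": "hunter2"}),
}

if __name__ == "__main__":
    body = json.loads(SAMPLE_EVENT["body"])
    # Failed authentication: requester, target path and masked payload.
    print(security_record(SAMPLE_EVENT, "login-fn", "req-123", "auth_failure",
                          payload=body, reason="bad_password"))
    # Database query: structure only, no user-supplied parameter values.
    print(security_record(SAMPLE_EVENT, "login-fn", "req-123", "db_query",
                          **log_query("SELECT id FROM users WHERE name = %s", ["alice"])))
```

In a real Lambda handler, the function name and request ID would come from the `context` object passed to the handler.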