| System login attempt | timestamp and event ID, user login, administrator privileges (if any), LDAP URL, user ID | derscanner-debug.log |
| Initiating DB search | timestamp and event ID, user login | derscanner-debug.log |
| Session token creation | timestamp and event ID, user login, administrator privileges (if any), LDAP URL, user ID | derscanner-debug.log |
| Getting a token from Account | timestamp and event ID, user login, token validity period (in min.), administrator privileges (if any), LDAP URL, user ID | derscanner-debug.log |
| Change password attempt | timestamp and event ID, user login, administrator privileges (if any), LDAP URL, user ID | derscanner-debug.log |
| Wrong password error | timestamp and event ID, user login | derscanner-debug.log |
| Wrong login error | timestamp and event ID, user login | derscanner-debug.log |
| Session token renewal | timestamp and event ID, user login, token validity period (in min.), administrator privileges (if any), LDAP URL, user ID | derscanner-debug.log |
| Expired session token usage attempt | timestamp and event ID, token expiration time, current time, time difference in ms | derscanner-debug.log |
| Projects list query | timestamp and event ID, sort order, whether to include archived or empty projects, languages for scanning, project names and statuses, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Project info query | timestamp and event ID, project UUID, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Scan info query | timestamp and event ID, scan UUID, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Scans list query | timestamp and event ID, project and scans UUID, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Statistics query | timestamp and event ID, scan UUID, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Vulnerability info query | timestamp and event ID, vulnerability ID, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Export report query | timestamp and event ID, scan UUID, project UUID, detected vulnerabilities UUIDs, project name, link to detailed results, path to logo, number of scans, project creation date, app version, project author, hidden user settings: user ID, settings UUID, visibility restrictions, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Rules list query | timestamp and event ID, filter settings: key words, language, WAF recommendations, classifications, authors, sorting, order of sorting, grouping, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Rule sets list query | timestamp and event ID, sets sorting settings: key words, languages, authors; administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Users list query | timestamp and event ID, users sorting settings, vulnerability ID, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| User creation | timestamp and event ID, userDto object: login, e-mail, full name, organization, position, phone number, website, account availability from - to, available scans, account (un)blocked, password expiry date, password attempts restrictions, hidden user settings: user ID, settings UUID, visibility restrictions, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| User editing | timestamp and event ID, userDto object: login, e-mail, full name, organization, position, phone number, website, account availability from - to, available scans, account (un)blocked, password expiry date, password attempts restrictions, hidden user settings: user ID, settings UUID, visibility restrictions, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| User removal | timestamp and event ID, removed user UUID, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Project creation | timestamp and event ID, project settings, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Project editing | timestamp and event ID, project settings UUID, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Project removal | timestamp and event ID, project UUID, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Scan launch | timestamp and event ID, project settings, path to temporary file (for archives), repository cloning command (for VCS), path to source.zip, project UUID, scan UUID, all launched tasks UUIDs, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Scan pause | timestamp and event ID, scan UUID, unfinished tasks UUIDs, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Scan stop | timestamp and event ID, scan UUID, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Scan removal | timestamp and event ID, scan UUID, project directory, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Detected vulnerability attributes editing | timestamp and event ID, vulnerability UUID, scan UUID, project UUID, old and new comment (if changed), old and new severity level (if changed), old and new status (if changed), administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Rule creation | timestamp and event ID, severity level, description, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Rule editing | timestamp and event ID, severity level, description, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Rule set creation | timestamp and event ID, rule set UUID, programming language, set name, privacy settings, IDs of included rules, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Rule set editing | timestamp and event ID, rule set UUID, programming language, set name, privacy settings, IDs of included rules, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Rules upload | timestamp and event ID, archive name, administrator privileges (if any), LDAP URL, user ID, user login | derscanner-debug.log |
| Wrong password | timestamp and event ID | derscanner-debug.log |
| Wrong login | timestamp and event ID | derscanner-debug.log |
| Project upload by link | timestamp and event ID, link | derscanner-debug.log |
| Attempt to create a user that already exists | timestamp and event ID | derscanner-debug.log |
| Password change: provided values don't match | timestamp and event ID | derscanner-debug.log |
| Rules upload error | timestamp and event ID | derscanner-debug.log |
| License error: license expired | timestamp and event ID | derscanner-debug.log |
| Not enough hard drive space | timestamp and event ID | derscanner-debug.log |
| Not enough RAM | timestamp and event ID | derscanner-debug.log |
| Daemon not responsive | timestamp and event ID, task UUID | derscanner-debug.log |
| DB not responsive | timestamp and event ID | derscanner-debug.log |
| Matcher error | timestamp and event ID, file path | log.log (/opt/derscanner/files/ d/{taskuuid}/.state/log.log) |
| OutOfMemory for Java | timestamp and event ID | /opt/derscanner/sast-daemon/ languages/{LANG}/{DATE}_ {TASK_START_TIME}_ {SCAN_UUID}.log (or .log.zip) |