# 10 - Insufficient Logging & Monitoring

Insufficient logging, detection, monitoring and active response occurs any time:

* Auditable events, such as logins, failed logins, and high-value transactions, are not logged.
* Warnings and errors generate no, inadequate, or unclear log messages.
* Logs of applications and APIs are not monitored for suspicious activity.
* Logs are only stored locally.
* Appropriate alerting thresholds and response escalation processes are not in place or effective.
* Penetration testing and scans by DAST tools (such as OWASP ZAP) do not trigger alerts.
* The application is unable to detect, escalate, or alert for active attacks in real time or near real time.
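The sketch below is an added example, not part of the original page. It shows the control several of the conditions above call for: failed logins recorded as structured audit events and checked against an alerting threshold. The JSON field names, event names, the threshold of 5 failures in 60 seconds and the sample log lines are all assumptions constructed for illustration.

```python
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta


def _line(ts, event, user, ip):
    return json.dumps({"ts": ts, "event": event, "user": user, "src_ip": ip})


# Constructed sample audit log (JSON lines). Field and event names are assumptions.
SAMPLE_LOG = (
    [_line(f"2024-01-01T10:00:{s:02d}", "login_failed", "alice", "203.0.113.7")
     for s in range(0, 50, 10)]  # 5 failures in 40 s from one source
    + [_line("2024-01-01T10:00:05", "login_ok", "bob", "198.51.100.4"),
       _line("2024-01-01T10:05:00", "login_failed", "bob", "198.51.100.4"),
       "disk error"]  # unstructured line a monitor cannot interpret
)


def detect_failed_login_bursts(lines, threshold=5, window=timedelta(seconds=60)):
    """Return (alerts, unparsable); alerts are (src_ip, timestamp, count)."""
    events, unparsable = [], 0
    for raw in lines:
        try:
            rec = json.loads(raw)
            events.append((datetime.fromisoformat(rec["ts"]), rec["event"], rec["src_ip"]))
        except (ValueError, KeyError, TypeError):
            unparsable += 1  # unclear log messages are counted, not silently dropped
    recent = defaultdict(deque)  # src_ip -> timestamps of failures inside the window
    alerts = []
    for ts, event, ip in sorted(events):
        if event != "login_failed":
            continue
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) == threshold:  # fire when the count reaches the threshold
            alerts.append((ip, ts.isoformat(), len(q)))
    return alerts, unparsable


if __name__ == "__main__":
    alerts, bad = detect_failed_login_bursts(SAMPLE_LOG)
    for ip, ts, n in alerts:
        print(f"ALERT {ts} {n} failed logins within 60s from {ip}")
    print(f"{bad} log line(s) could not be parsed")
```

In a real deployment the events would be shipped to a central store rather than read from a local list, and each alert would feed an escalation process.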

![IDOR\_SS\_1a](https://990422818-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LWGXF4oLcghA1GLq0CM%2F-LWHQt-EMiiOHTuosAKW%2F-LWHQwbdqkG_jsIOT1K_%2Fa10.png?generation=1547571293994269\&alt=media)


