To expand upon Rory's recommendations, you really news to ask yourself what is the driver behind your logging, and what information you need to accomplish those goals.

For example, do you need user attribution? If so, then you probably need

• Username
• Timestamp
• Source IP
• GET string and possibly POST variables
• Session IDs
• Cookie information (expirations, tokens if appropriate, chocolate/sugar/gluten-free, etc)

Are you looking for unauthorized access attempts?

• Timestamp
• Source IP
• Action Performed (login, data query, etc)
• Related information to action, (username, query string, etc)

Do you have policy/contractual/regulatory/etc requiring full session reconstruction? Well, that's a lot harder and will require all kinds of scary data on every request. This will likely require deep app integration and possibly need things like stack traces, variable dumps, packet captures, etc.

To expand upon Rory's recommendations, you really need to ask yourself what is the driver behind your logging, and what information you need to accomplish those goals.

For example, if you need user attribution then you probably need

• Username
• Timestamp
• Source IP
• GET string and possibly POST variables
• Session IDs
• Cookie information (expirations, tokens if appropriate, chocolate/sugar/gluten-free, etc)

Are you looking for unauthorized access attempts?

• Timestamp
• Source IP
• Action Performed (login, data query, etc)
• Related information to action, (username, query string, etc)

Do you have policy/contractual/regulatory/etc. requiring full session reconstruction? Well, that's a lot harder and will require all kinds of scary data on every request. This will likely require deep app integration and possibly need things like stack traces, variable dumps, packet captures, etc.