The log management must be made by the operating system or by an external system separated from the application.
CIS Controls. 6.3 Enable Detailed Logging: Enable system logging to include detailed information such as an event source, date, user, timestamp, source addresses, destination addresses, and other useful elements.
CWE-778: Insufficient Logging: When a security-critical event occurs, the software either does not record the event or omits important details about the event when logging it.
ISO 27001:2013. Annex A - 12.4.1: Store, maintain and regularly review records of user activities, exceptions, failures and information security events.
OWASP-ASVS v4.0.1 V1.7 Errors, Logging and Auditing Architectural Requirements.(1.7.1): Verify that a common logging format and approach is used across the system.
OWASP-ASVS v4.0.1 V7.1 Log Content Requirements.(7.1.4): Verify that each log event includes necessary information that would allow for a detailed investigation of the timeline when an event happens.
OWASP Top 10 A10:2017-Insufficient Logging & Monitoring: Insufficient logging and monitoring, coupled with missing or ineffective integration with incident response, allows attackers to further attack systems, maintain persistence, pivot to more systems, and tamper, extract, or destroy data.