Here is an idea I have; if someone knows of something like this, please let me know. I'm seriously starting to think about security more and more, and I get these ideas from time to time.
Is there a compendium of "this is the attack vector" paired with "this is what might be in the logs"?
I completely agree that this would be a huge list, but the more I think about threat modeling, what not to log and how to correlate it, the more I think a resource like this could be useful. I easily become defeated by such a daunting task of thinking of ways to log this or log that... *sigh*
Is this a hopeless battle?