I have upgrade from log4j-1.2.17 to log4j-2 with needed code changes and then removed log4j and deployed log4j2. service not starting, hence, logs not generating, where I need check
Related
For the newest version of PDI 9.3, it still uses jetty 9.4.18. There are several security issue of jetty and no workaround for some of them, such as CVE-2022-2047, CVE-2022-2048. And if replaces jetty*.jar to newer version such as 9.4.48, PDI will work not properly.
So how to resolve the security issue of jetty in PDI(kettle)?
Thank you.
In some projects which used slf4j and log4j I can see dependencies like
compile('org.apache.logging.log4j:log4j-core:version')
compile('org.apache.logging.log4j:log4j-api:version')
compile('org.apache.logging.log4j:log4j-slf4j-impl:version')
But some projects use slf4j-log4j12 instead of log4j-slf4j-impl. To my understanding they are both works like bridges between slf4j and log4j, but what's their difference?
Those artifacts use different versions of Log4j:
slf4j-log4j12 is a bridge between SLF4J and Log4j 1.2. Its versioning follows SLF4J.
log4j-slf4j-impl is a bridge between SLF4J 1.x (up to 1.7.x) and Log4j 2.x. Its versioning follows LOG4J2.
log4j-slf4j2-impl is a bridge between SLF4J 2.x (or higher) and Log4j 2.x. Its versioning follows LOG4J2.
Since Log4j 1.x reached end-of-life more than 7 years ago, there is no sense in using the first one in new software.
Recently we upgraded to elastic 5.0. The java client in Elastic 5.0 has a hard dependency on log4j 2.6. Storm server (version 1.0.2) on the other hand uses an older version log4J and both are hard wired dependency. The following is the error we get when trying to deploy to the server and i can see that 'PreBuiltTransportClient' is not able to instantiate.
java.lang.NoSuchMethodError: org.apache.logging.log4j.Logger.info(Ljava/lang/String;Ljava/lang/Object;)V
I have raised the issue with Elastic and they have acknowledged the issue and mentioned that they are working on a true client that has lesser dependencies.
Any workarounds or suggestions to get around this for the timebeing?
I found a solution for this and it is working now. Here is what i did,
Storm loads the log4j files using a python script from a specified folder under /lib. The latest version of storm uses log4j 2.1
I copied the log4j 2.6.2 files in to that folder.
Now when I deployed my toplogy, storm started using the log4j2.6.2 in the CLASSPATH.
Elastic client got what it needed and it started working.
Until the light weight Elastic Client is released we will continue to use this workaround.
I want to upgrade log4j version from 1.2 to 2.3 version. But there are many modules in application (almost 100) and I have 100 log4j.xml files. So I can't change my xml files manually. Can You suggest any automatic way?
In my web application I am using apache logging log4j. When I was working jboss as 7.0, logging was working well.
But when i switched to Jboss 7.1 logging is not working. Can somebody let me know what has been changed?
By default in 7.1 logging dependencies are added to each deployment. This works for most people, but if you're using your own log4j configuration this will not work for you in 7.1.1 and lower. You need to exclude the servers log4j dependency.
Note: In 7.2.x this will just work and you can remove the jboss-deployment-structure.xml and the dependency.