Skip to content

teragrep/jla_05

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
.github
.github
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.adoc
README.adoc
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Log4j RELP Plugin

Build Status

Creates Log4j appender that uses RELP to ensure no events are lost.

See log4j.example.properties for example config

Please note

Please note that regarding log4j version 1.2.17 following vulnerabilities exist and we recommend not to use these features:

  • CVE-2020-9488 Improper validation of certificate with host mismatch in Apache Log4j SMTP appender.

  • CVE-2019-17571 Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data.

Property explanations

Property Description

log4j.appender.RELPAPPENDER.relpAddress

Connection destination address

log4j.appender.RELPAPPENDER.relpPort

Connection destination port

log4j.appender.RELPAPPENDER.appName

Stream application identifier. Maximum length of 48 characters, limited by RFC5424

log4j.appender.RELPAPPENDER.hostname

Stream host identifier. Maximum length of 255 characters, limited by RFC5424

log4j.appender.RELPAPPENDER.connectionTimeout

Time to wait before timing out connection

log4j.appender.RELPAPPENDER.writeTimeout

Time to wait for destination to accept data

log4j.appender.RELPAPPENDER.readTimeout

Time to wait for destination to acknowledge sent data (low values cause duplicates)

log4j.appender.RELPAPPENDER.reconnectInterval

Time to wait between re-connection attempts

log4j.appender.RELPAPPENDER.useSD

Enables structured data containing uuid and source information

Usage

Pass log4j.properties file as property

-Dlog4j.configuration=file:/path/to/log4j.properties

Using the logger

static Logger logger = Logger.getLogger(MyClass.class.getName());
logger.info("Info Message");
logger.warn("Warning message");
logger.trace("Trace message");
// Finally shutdown so RELP can disconnect gracefully
LogManager.shutdown();

Maven dependency definition

<dependency>
    <groupId>com.teragrep</groupId>
    <artifactId>jla_05</artifactId>
    <version>%VERSION%</version>
</dependency>

Configuring pre-built log4j application

First download wanted versions of jla_05, rlp_01 and rlo_14 from the following urls:

Then run java while pointing classpath to the directory where you downloaded the jars to like:

java -cp "path/to/downloaded/jars/*:target/example.jar" com.teragrep.example.Main

Contributing

You can involve yourself with our project by opening an issue or submitting a pull request.

Contribution requirements:

  1. All changes must be accompanied by a new or changed test. If you think testing is not required in your pull request, include a sufficient explanation as why you think so.

  2. Security checks must pass

  3. Pull requests must align with the principles and values of extreme programming.

  4. Pull requests must follow the principles of Object Thinking and Elegant Objects (EO).

Read more in our Contributing Guideline.

Contributor License Agreement

Contributors must sign Teragrep Contributor License Agreement before a pull request is accepted to organization’s repositories.

You need to submit the CLA only once. After submitting the CLA you can contribute to all Teragrep’s repositories.

About

Log4j RELP Plugin

Topics

java log log4j logger logging syslog log-management syslog-client relp relp-client

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

4 forks
Report repository

Releases 5

1.2.0 Latest
Oct 23, 2023
+ 4 releases

Packages

 
 
 

Contributors 3

  •  
  •  
  •  

Languages