HTTPAPPENDER

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

HTTPAPPENDER

itsganu@gmail.com
Is there a good example to use the log4j httpappender. I have seen example
for socketappender and tried it. I want to compare between socket appender
and http appender so that we can choose what will be best fit for our
product.



--
Sent from: http://apache-logging.6191.n7.nabble.com/Log4j-Users-f4.html

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: HTTPAPPENDER

Matt Sicker
My primary use case for that appender would be posting a message to a Slack
webhook. For example, if my team's notification channel for monitoring
services and such has a webhook URL, I can POST to that URL with a
PatternLayout using the JSON escape of a message laid out like {"message":
"%enc{%m}{JSON}"}. So, for a more complete example:

<Appenders>
  <Http name="slack" url="https://slack.com/blah-blah-blah">
    <MarkerFilter marker="SLACK" onMatch="ACCEPT"/>
    <PatternLayout pattern="{\"message\":\"%enc{%m}{JSON}\"}"/>
  </Http>
</Appenders>

Then, I'd use:

Marker SLACK = MarkerManager.getMarker("SLACK");
logger.info(SLACK, "Hello, team!");

The use of a marker here makes it so I can specify a log message should go
to Slack regardless of which logger name it comes from. A similar use case
could be used with the SMTP appender and other networked ones where you
only care about urgent log messages.

On 23 October 2017 at 22:58, [hidden email] <[hidden email]> wrote:

> Is there a good example to use the log4j httpappender. I have seen example
> for socketappender and tried it. I want to compare between socket appender
> and http appender so that we can choose what will be best fit for our
> product.
>
>
>
> --
> Sent from: http://apache-logging.6191.n7.nabble.com/Log4j-Users-f4.html
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>


--
Matt Sicker <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: HTTPAPPENDER

itsganu@gmail.com
Thanks. We have a situation where we have a thick client application (Java
Swing) and we want the client side logs to be pushed to server side so that
we can use for analysis. Socketappender is one option but looks like there
are plan to depricate socket appenders because of security issues. Please
refer to below
https://www.elastic.co/blog/log4j-input-logstash




--
Sent from: http://apache-logging.6191.n7.nabble.com/Log4j-Users-f4.html

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: HTTPAPPENDER

Ralph Goers
There are no plans to deprecate socket appenders. We only recommend the SerializedLayout not be used. We moved the Socket server out of core because it is meant to be a sample for users to modify to meet their needs, not really use as is.

Ralph

> On Oct 23, 2017, at 11:25 PM, "[hidden email]" <[hidden email]> wrote:
>
> Thanks. We have a situation where we have a thick client application (Java
> Swing) and we want the client side logs to be pushed to server side so that
> we can use for analysis. Socketappender is one option but looks like there
> are plan to depricate socket appenders because of security issues. Please
> refer to below
> https://www.elastic.co/blog/log4j-input-logstash
>
>
>
>
> --
> Sent from: http://apache-logging.6191.n7.nabble.com/Log4j-Users-f4.html
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: HTTPAPPENDER

itsganu@gmail.com
Thanks for your response.



--
Sent from: http://apache-logging.6191.n7.nabble.com/Log4j-Users-f4.html

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: HTTPAPPENDER

Matt Sicker
If you want to use the SocketAppender, I'd recommending adding the
appropriate Jackson dependencies and using the JSON layout. I have a desire
to eventually implement a similar layout using Apache Avro and/or Apache
Thrift which would be a lot faster, though either way, just stick with
anything other than plain Java serialization and you should generally be
fine with security (though I'd avoid XML unless you know how to disable all
the helpful "features" that come with typical XML processors that are
gaping security holes).

On 24 October 2017 at 08:42, [hidden email] <[hidden email]> wrote:

> Thanks for your response.
>
>
>
> --
> Sent from: http://apache-logging.6191.n7.nabble.com/Log4j-Users-f4.html
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>


--
Matt Sicker <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: HTTPAPPENDER

Mikael Ståldal-4
In reply to this post by itsganu@gmail.com
Elasic.co got it wrong in that blog post. The problem is not
SockerAppender, the problem is SerializedLayout.

Maybe people were confusing the two, since SerializedLayout used to be
default layout for SockerAppender. But it has always been possible to
configure SockerAppender to use another layout. And since Log4j 2.9.0,
SerializedLayout is deprecated and no longer default in any appender.

You can use SockerAppender with JsonLayout for sending log events to
Logstash.


On 2017-10-24 08:25, [hidden email] wrote:

> Thanks. We have a situation where we have a thick client application (Java
> Swing) and we want the client side logs to be pushed to server side so that
> we can use for analysis. Socketappender is one option but looks like there
> are plan to depricate socket appenders because of security issues. Please
> refer to below
> https://www.elastic.co/blog/log4j-input-logstash
>
>
>
>
> --
> Sent from: http://apache-logging.6191.n7.nabble.com/Log4j-Users-f4.html
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: HTTPAPPENDER

Ralph Goers
Yes, that blog post is incorrect.  The blog post links to our Jira issue. I have updated that to add the recommendation that user’s use JsonLayout and mention that the SocketServers are still supported.

The blog post doesn’t allow comments and I see no other way to correct them. It is rather annoying since we had this discussion with Jordan at the time. However, the blog entry was posted on April 20 and he only came to understand that the problem was with SerializedLayout on April 28. He never updated it.

Ralph

> On Oct 24, 2017, at 12:58 PM, Mikael Ståldal <[hidden email]> wrote:
>
> Elasic.co got it wrong in that blog post. The problem is not SockerAppender, the problem is SerializedLayout.
>
> Maybe people were confusing the two, since SerializedLayout used to be default layout for SockerAppender. But it has always been possible to configure SockerAppender to use another layout. And since Log4j 2.9.0, SerializedLayout is deprecated and no longer default in any appender.
>
> You can use SockerAppender with JsonLayout for sending log events to Logstash.
>
>
> On 2017-10-24 08:25, [hidden email] wrote:
>> Thanks. We have a situation where we have a thick client application (Java
>> Swing) and we want the client side logs to be pushed to server side so that
>> we can use for analysis. Socketappender is one option but looks like there
>> are plan to depricate socket appenders because of security issues. Please
>> refer to below
>> https://www.elastic.co/blog/log4j-input-logstash
>> --
>> Sent from: http://apache-logging.6191.n7.nabble.com/Log4j-Users-f4.html
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]