Log4j RELP Plugin

Creates Log4j appender that uses RELP to ensure no events are lost.

See log4j.example.properties for example config

Please note

Please note that regarding log4j version 1.2.17 following vulnerabilities exist and we recommend not to use these features:

• CVE-2020-9488 Improper validation of certificate with host mismatch in Apache Log4j SMTP appender.

• CVE-2019-17571 Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data.

Property explanations

Property	Description
log4j.appender.RELPAPPENDER.relpAddress	Connection destination address
log4j.appender.RELPAPPENDER.relpPort	Connection destination port
log4j.appender.RELPAPPENDER.appName	Stream application identifier. Maximum length of 48 characters, limited by RFC5424
log4j.appender.RELPAPPENDER.hostname	Stream host identifier. Maximum length of 255 characters, limited by RFC5424
log4j.appender.RELPAPPENDER.connectionTimeout	Time to wait before timing out connection
log4j.appender.RELPAPPENDER.writeTimeout	Time to wait for destination to accept data
log4j.appender.RELPAPPENDER.readTimeout	Time to wait for destination to acknowledge sent data (low values cause duplicates)
log4j.appender.RELPAPPENDER.reconnectInterval	Time to wait between re-connection attempts
log4j.appender.RELPAPPENDER.useSD	Enables structured data containing uuid and source information

Usage

Pass log4j.properties file as property

-Dlog4j.configuration=file:/path/to/log4j.properties

Using the logger

static Logger logger = Logger.getLogger(MyClass.class.getName());
logger.info("Info Message");
logger.warn("Warning message");
logger.trace("Trace message");
// Finally shutdown so RELP can disconnect gracefully
LogManager.shutdown();

Maven dependency definition

<dependency>
    <groupId>com.teragrep</groupId>
    <artifactId>jla_05</artifactId>
    <version>%VERSION%</version>
</dependency>

Configuring pre-built log4j application

First download wanted versions of jla_05, rlp_01 and rlo_14 from the following urls:

• jla_05

• rlp_01

• rlo_14

Then run java while pointing classpath to the directory where you downloaded the jars to like:

java -cp "path/to/downloaded/jars/*:target/example.jar" com.teragrep.example.Main

Contributing

You can involve yourself with our project by opening an issue or submitting a pull request.

Contribution requirements:

1. All changes must be accompanied by a new or changed test. If you think testing is not required in your pull request, include a sufficient explanation as why you think so.

2. Security checks must pass

3. Pull requests must align with the principles and values of extreme programming.

4. Pull requests must follow the principles of Object Thinking and Elegant Objects (EO).

Read more in our Contributing Guideline.

Contributor License Agreement

Contributors must sign Teragrep Contributor License Agreement before a pull request is accepted to organization’s repositories.

You need to submit the CLA only once. After submitting the CLA you can contribute to all Teragrep’s repositories.