I have several web applications running on the same tomcat.
I have two questions:
1- By searching, I understood that when multiple applications are present, logging into the same file might make some problems. Is that the case for multiple applications running on the same web server? Is that also correct when default stdout output is used?
2- In Logback library there is a prudent mode:
In prudent mode, FileAppender will safely write to the specified file, even in the presence of other FileAppender instances running in different JVMs, potentially running on different hosts. The default value for prudent mode is false.
I want to know if using Logback is only favorable on multiple JVMs or it is also advantageous for multiple we applications running on the same web server? If not, is it identical to log4j in this aspect?
Thanks
As the slf4j documentation says, you just have to replace all the log4j dependencies with a single one from slf4j, named log4j-over-slf4j: http://slf4j.org/legacy.html#log4j-over-slf4j. Any code that is under your direct control can just use slf4j + logback as it always would.
So which one should you use? I recommend using Log4j2 because it's the fastest and most advanced of the three frameworks. Logback is still a good option, if performance is not your highest priority. Stackify's Application Performance Management tool, Retrace offers log management for your Java applications.
It indeed brings log4j-api , but it does not bring log4j-core , so our starter is not affected by this vulnerability. These articles have different opinion : 1. slf4j.org/log4shell.html. 2.
Yes, it's synchronous by default.
In both log4j and logback if multiple FileAppender
instances write to the same log file, there is a high risk for the said log file becoming corrupt. Whether the FileAppender
instances run on the same JVM or different JVMs is irrelevant, i.e. the risk of corruption is the same.
As mentioned in the docs, in prudent mode logback's FileAppender
will avoid corruption, even in the presence of other FileAppender
instances running in the same or different JVMs, potentially running on different hosts. By default, prudent mode is disabled.
The console cannot be corrupted so the question is moot.
There's one thing which must be clarified: There will be problems when different instances of Log4j are writing to the same file concurrently, whether running in the same JVM or not.
When using servers (and different classloaders) it is possible to have a single server-wide instance or multiple instances of Log4j, depending on deployment and configuration.
Using Filelocks is never actually efficient/secure, so while logging to the same file from different appenders/JVM's works, it is not recommended. See the configuration which I took directly from logback-appenders-faq.
<configuration>
<appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
<!-- Support multiple-JVM writing to the same log file -->
<prudent>true</prudent>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<fileNamePattern>logFile.%d{yyyy-MM-dd}.log</fileNamePattern>
<maxHistory>30</maxHistory>
</rollingPolicy>
<encoder>
<pattern>%-4relative [%thread] %-5level %logger{35} - %msg%n</pattern>
</encoder>
</appender>
<root level="DEBUG">
<appender-ref ref="FILE" />
</root>
</configuration>
Your other options for multiple JVMs writing to some unified source are SocketAppenders and the JDBCAppender.
The JDBCAppender will be completely replaced in the future though and is not recommended either. See logbacks mailinglist.
SocketAppenders might be a little raw, as you probably weren't planing on writing much code for logback.
There is one more option. You could use something like clusterlog, which has been build to solve exactly the kind of problem you have.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With