Log4j 2 is nominated for the JAX Innovation Awards! Do you like its performance, garbage-free logging, and easy and flexible configuration? Log4j 2 needs your love. Vote for Log4j 2! |
On August 5, 2015 the Logging Services Project Management Committee announced that Log4j 1.x had reached end of life. For complete text of the announcement please see the Apache Blog. Users of Log4j 1 are recommended to upgrade to Apache Log4j 2.
log4j is a tool to help the programmer output log statements to a variety of output targets.
In case of problems with an application, it is helpful to enable logging so that the problem can be located. With log4j it is possible to enable logging at runtime without modifying the application binary. The log4j package is designed so that log statements can remain in shipped code without incurring a high performance cost. It follows that the speed of logging (or rather not logging) is capital.
At the same time, log output can be so voluminous that it quickly becomes overwhelming. One of the distinctive features of log4j is the notion of hierarchical loggers. Using loggers it is possible to selectively control which log statements are output at arbitrary granularity.
log4j is designed with three goals in mind: reliability, speed and flexibility. There is a tight balance between these requirements. We believe that log4j strikes the right balance.
No. log4j is not reliable. It is a best-effort fail-stop logging system.
By fail-stop, we mean that log4j will not throw unexpected exceptions at run-time potentially causing your application to crash. If for any reason, log4j throws an uncaught exception, please send an email to the log4j-user@logging.apache.org mailing list. Uncaught exceptions are handled as serious bugs requiring immediate attention.
Moreover, log4j will not revert to System.out or System.err when its designated output stream is not opened, is not writable or becomes full. This avoids corrupting an otherwise working program by flooding the user's terminal because logging fails. However, log4j will output a single message to System.err indicating that logging can not be performed.
Log4j 1.2.8 and earlier are compatible with JDK 1.1.x and later, later versions of log4j 1.2 are compatible with JDK 1.2 and later.
The DOMConfigurator is based on the DOM Level 1 API. The DOMConfigurator.configure(Element) method will work with any XML parser that will pass it a DOM tree.
The DOMConfigurator.configure(String filename) method and its variants require a JAXP compatible XML parser, for example Xerces or Sun's parser. Compiling the DOMConfigurator requires the presence of a JAXP parser in the classpath.
The org.apache.log4j.net.SMTPAppender relies on the JavaMail API. It has been tested with JavaMail API version 1.2. The JavaMail API requires the JavaBeans Activation Framework package.
The org.apache.log4j.net.JMSAppender requires the presence of the JMS API as well as JNDI.
log4j test code relies on the JUnit testing framework.
log4j is optimized for speed.
log4j is based on a named logger hierarchy.
log4j is fail-stop. However, altough it certainly strives to ensure delivery, log4j does not guarantee that each log statement will be delivered to its destination.
log4j is thread-safe.
log4j is not restricted to a predefined set of facilities.
Logging behavior can be set at runtime using a configuration file. Configuration files can be property files or in XML format.
log4j is designed to handle Java Exceptions from the start.
log4j can direct its output to a file, the console, an java.io.OutputStream, java.io.Writer, a remote server using TCP, a remote Unix Syslog daemon, to a remote listener using JMS, to the NT EventLog or even send e-mail.
log4j uses 6 levels, namely TRACE, DEBUG, INFO, WARN, ERROR and FATAL.
The format of the log output can be easily changed by extending the Layout class.
The target of the log output as well as the writing strategy can be altered by implementations of the Appender interface.
log4j supports multiple output appenders per logger.
log4j supports internationalization.
See the examples/ directory.
Make sure to read the short manual. It is also recommended to you read The complete log4j manual which is much more detailed and up to date. Both documents were written by Ceki Gülcü.
Yes, log4j is thread-safe. Log4j components are designed to be used in heavily multithreaded systems.
The log output can be customized in many ways. Moreover, one can completely override the output format by implementing one's own Layout.
Here is an example output using PatternLayout with the conversion pattern "%r [%t] %-5p %c{2} %x - %m%n"
176 [main] INFO examples.Sort - Populating an array of 2 elements in reverse order. 225 [main] INFO examples.SortAlgo - Entered the sort method. 262 [main] DEBUG SortAlgo.OUTER i=1 - Outer loop. 276 [main] DEBUG SortAlgo.SWAP i=1 j=0 - Swapping intArray[0] = 1 and intArray[1] = 0 290 [main] DEBUG SortAlgo.OUTER i=0 - Outer loop. 304 [main] INFO SortAlgo.DUMP - Dump of interger array: 317 [main] INFO SortAlgo.DUMP - Element [0] = 0 331 [main] INFO SortAlgo.DUMP - Element [1] = 1 343 [main] INFO examples.Sort - The next log statement should be an error message. 346 [main] ERROR SortAlgo.DUMP - Tried to dump an uninitialized array. at org.log4j.examples.SortAlgo.dump(SortAlgo.java:58) at org.log4j.examples.Sort.main(Sort.java:64) 467 [main] INFO examples.Sort - Exiting main method.
The first field is the number of milliseconds elapsed since the start of the program. The second field is the thread outputting the log statement. The third field is the level of the log statement. The fourth field is the rightmost two components of the logger making the log request. The fifth field (just before the '-') is the nested diagnostic context (NDC). Note the nested diagnostic context may be empty as in the first two statements. The text after the '-' is the message of the statement.
Although both APIs are conceptually similar, the log4j API is significantly more flexible and offers many more features, too numerous to be listed here. You will discover that the additional features and flexibility turn out to be indispensable in the context of a mission-critical application.
The open and collaborative way in which log4j is developped ensures that it continues to preserve and even widen its competitive edge. At some point, input from bright developers from all over the world is bound to make a difference.
Lggers lie at the heart of log4j. Loggers define a hierarchy and give the programmer run-time control on which statements are printed or not.
Loggers are assigned levels. A log statement is printed depending on its level and its logger.
Make sure to read the log4j manual for more information.
Log behavior can be set using configuration files which are parsed at runtime. Using configuration files the programmer can define loggers and set their levels.
The PropertyConfigurator defines a particular format of a configuration file. See also the examples/Sort.java example and associated configuration files.
Configuration files can be specified in XML. See log4j.dtd and org.log4j.xml.DOMConfigurator for more details.
See the various Layout and Appender components for specific configuration options.
In addition to configuration files, the user may disable all messages belonging to a set of levels. See next item.
For some logger l, writing,
l.debug("Entry number: " + i + " is " + String.valueOf(entry[i]));
incurs the cost of constructing the message parameter, that is converting both integer i and entry[i] to a String, and concatenating intermediate strings. This, regardless of whether the message will be logged or not.
If you are worried about speed, then write
if(l.isDebugEnabled()) { l.debug("Entry number: " + i + " is " + String.valueOf(entry[i])); }
or using LogMF from the extras companion write
LogMF.debug(logger, "Entry number: {0} is {1}", i, entry[i]);
This way you will not incur the cost of parameter construction if debugging is disabled for logger l. On the other hand, if the logger is debug enabled, you will incur the cost of evaluating whether the logger is enabled or not, twice: once in debugEnabled and once in debug. This is an insignificant overhead since evaluating a logger takes less than 1% of the time it takes to actually log a statement.
Yes, there are.
You can name loggers by locality. It turns out that instantiating a logger in each class, with the logger name equal to the fully-qualified name of the class, is a useful and straightforward approach of defining loggers. This approach has many benefits:
However, this is not the only way for naming loggers. A common alternative is to name loggers by functional areas. For example, the "database" logger, "RMI" logger, "security" logger, or the "XML" logger.
You may choose to name loggers by functionality and subcategorize by locality, as in "DATABASE.com.foo.some.package.someClass" or "DATABASE.com.foo.some.other.package.someOtherClass".
You are totally free in choosing the names of your loggers. The log4j package merely allows you to manage your names in a hierarchy. However, it is your responsibility to define this hierarchy.
Note by naming loggers by locality one tends to name things by functionality, since in most cases the locality relates closely to functionality.
You can easily retrieve the fully-qualified name of a class in a static block for class X, with the statement X.class.getName(). Note that X is the class name and not an instance. The X.class statement does not create a new instance of class X.
Here is the suggested usage template:
package a.b.c; public class Foo { final static Logger logger = Logger.getLogger(Foo.class); ... other code }
Yes, you can extend the Layout class to create you own customized log format. Appenders can be parameterized to use the layout of your choice.
Log4j uses JavaBeans style configuration.
Thus, any setter method in FooBarAppender corresponds to a configurable option. For example, in RollingFileAppender the setMaxBackupIndex(int maxBackups) method corresponds to the maxBackupIndex option. The first letter of the option can be upper case, i.e. MaxBackupIndex and maxBackupIndex are equivalent but not MAXBACKUPIndex nor mAXBackupIndex.
Layouts options are also defined by their setter methods. The same goes for most other log4j components.
We suggest to just use global file search/replace. You should be able to replace all the "java.util.Logger" references with "org.apache.log4j.Logger", and you should be on your way.
If you're on a Win32 platform, we recommend Textpad. You can use the CTRL+SHIFT+O to open all *.java files from a directory including all its sub-directories, and then use the search/replace function to replace in all files, and then CTRL+SHIFT+S to save all. Should take about 60 seconds! :)
Yes it is. Setting the Threshold option of any appender extending AppenderSkeleton, (most log4j appenders extend AppenderSkeleton) to filter out all log events with lower level than the value of the threshold option.
For example, setting the threshold of an appender to DEBUG also allow INFO, WARN, ERROR and FATAL messages to log along with DEBUG messages. This is usually acceptable as there is little use for DEBUG messages without the surrounding INFO, WARN, ERROR and FATAL messages. Similarly, setting the threshold of an appender to ERROR will filter out DEBUG, INFO and WARN messages but not ERROR or FATAL messages.
This policy usually best encapsulates what the user actually wants to do, as opposed to her mind-projected solution.
See examples/sort4.lcf for an example threshold configuration.
If you must filter events by exact level match, then you can attach a LevelMatchFilter to any appender to filter out logging events by exact level match.
The NT Event Viewer relies on message resource DLLs to properly view an event message. The NTEventLogAppender.dll contains these message resources, but that DLL must be copied to %SYSTEMROOT%\SYSTEM32 for it to work properly.
Unfotunately, the logger names are hardcoded within the message resource DLL (see previous question about NTEventLogAppender), so there isn't any easy way to override those dynamically... in fact, I don't think it's possible to do it, as you'd have to modify the DLL resources for every application. Since most native applications don't use the Logger column anyway...
The suggested approach depends on your design requirements. If you or your organization has no constraints on the use of Java in JSP pages, simply use log4j normally in <% ... %> statements as indicated in the Short Manual and the rest of the documentation.
However, if your design calls for a minimum amount of Java in your JSP pages, consider using the Log Taglib from the Jakarta Taglibs project. It provides logging JSP tags that invoke log4j.
Many developers are confronted with the problem of distinguishing the log output originating from the same class but different client requests. They come up with ingenious mechanisms to fan out the log output to different files. In most cases, this is not the right approach.
It is simpler to use a nested diagnostic context (NDC). Typically, one would NDC.push() client specific information, such as the client's hostname, ID or any other distinguishing information when starting to handle the client's request. Thereafter, log output will automatically include the nested diagnostic context so that you can distinguish logs from different client requests even if they are output to the same file.
See the NDC and the PatternLayout classes for more information. The NumberCruncher example shows how the NDC can be used to distinguish the log output from multiple clients even if they share the same log file.
For select applications, such as virtual hosting web-servers, the NDC solution is not sufficient. As of version 0.9.0, log4j supports multiple hierarchy trees. Thus, it is possible to log to different targets from the same logger depending on the current context.
It is quite nontrivial to define the semantics of a "removed" logger escecially if it is still referenced by the user. Future releases may include a remove method in the Logger class.
You may have each process log to a SocketAppender. The receiving SocketServer (or SimpleSocketServer) can receive all the events and send them to a single log file.
The timestamp is created when the logging event is created. That is so say, when the debug, info, warn, error or fatal method is invoked. Thus, the timestamp is unaffected by the time at which event arrive at a remote socket server.
Timestamps are stored in UTC format inside the event. Consequently, when displayed or written to a log file, timestamps appear in the same timezone as the host displaying or creating the logfile. Note that because the clocks of various machines may not be synchronized, there may be timestamp inconsistencies between events generated on different hosts. The EnhancedPatternLayout in the extras companion supports explicit specification of the timezone using a pattern like "%d{HH:mm}{GMT}".
The short answer: the log4j classes and the properties file are not within the scope of the same classloader.
The long answer (and what to do about it): J2EE or Servlet containers utilize Java's class loading system. Sun changed the way classloading works with the release of Java 2. In Java 2, classloaders are arranged in a hierarchial parent-child relationship. When a child classloader needs to find a class or a resource, it first delegates the request to the parent.
Log4j only uses the default Class.forName() mechanism for loading classes. Resources are handled similarly. See the documentation for java.lang.ClassLoader for more details.
So, if you're having problems, try loading the class or resource yourself. If you can't find it, neither will log4j. ;)
Yes. Both the DOMConfigurator and the PropertyConfigurator support automatic reloading through the configureAndWatch method. See the API documentation for more details.
Because the configureAndWatch launches a separate wathdog thread, and because there is no way to stop this thread in log4j 1.2, the configureAndWatch method is unsafe for use in J2EE envrironments where applications are recycled.
Contrary to the GNU Public License (GPL) the Apache Software License does not make any claims over your extensions. By extensions, we mean totally new code that invokes existing log4j classes. You are free to do whatever you wish with your proprietary log4j extensions. In particular, you may choose to never release your extensions to the wider public.
We are very careful not to change the log4j client API so that newer log4j releases are backward compatible with previous versions. We are a lot less scrupulous with the internal log4j API. Thus, if your extension is designed to work with log4j version n, then when log4j release version n+1 comes out, you will probably need to adapt your proprietary extensions to the new release.
Thus, you will be forced to spend precious resources in order to keep up with log4j changes. This is commonly referred to as the "stupid-tax." By donating the code and making it part of the standard distribution, you save yourself the unnecessary maintenance work.
If your extensions are useful then someone will eventually write an extension providing the same or very similar functionality. Your development effort will be wasted. Unless the proprietary log4j extension is business critical, there is little reason for not donating your extensions back to the project.
Write a test case for your contribution.
There is nothing more irritating than finding the bugs in debugging (i.e. logging) code. Writing a test case takes some effort but is crucial for a widely used library such as log4j. Writing a test case will go a long way in earning you the respect of fellow developers. See the tests/ directory for exiting test cases.
Stick to the existing indentation style even if you hate it.
Alternating between indentation styles makes it hard to understand the source code. Make it a little harder on yourself but easier on others.
Log4j has adopted a rather conservative approach by following the Code Conventions for the JavaTM Programming Language. We use 2 (two) spaces for indentation and no tabs.
Please do not both modify the code and change the indentation in a single commit.
If you change the code and reformat it at the same time and then commit, the commit notification message will be hard to read. It will contain many diffs associated with the reformatting in addition to logical changes.
If you must reformat and change the code, then perform each step separately. For example, reformat the code and commit. Following that, you can change the logic and commit. The two steps can be performed in the reverse order just as well. You can first change the logic and commit and only later reformat and commit.
Make every effort to stick to the JDK 1.1 API.
One of the important advantages of log4j is its compatibility with JDK 1.1.x.
Always keep it simple, small and fast when possible.
It's all about the application not about logging.
Identify yourself as a contributor at the top of the relevant file.
Take responsibility for your code.
Authoring software is very much like running a marathon. It takes time and endurance.
Did we mention sticking with the indentation style?
Did we mention writing test cases?
There are several reasons this can occur:
It is possible, but rarely appropriate. The request is commonly for a level named something like "audit" that doesn't obviously fit in the progression "trace", "debug", "info", "warn", "error" and "fatal". In that case, the request for a level is really a request for a mechanism to specify a different audience. The appropriate mechanism is to use a distinct logger name (or tree) for "audit" related messages.
Tomcat will, by default, clear all static members when unloading classes, however this process can trigger initialization of classes which may then call a class that has been cleared resulting in a NullPointerException or some undesirable behavior. Bug 40212) describes the problem in detail and has a patch which at this writing has not been applied to Tomcat. Glassfish had a similar problem and accepted the patch.
The following are recommended to avoid this problem:
It is impossible for log4j to defend against all attacks on its internal state by a class loader. There is a limit to the defensive measures that will be incorporated.
For more background, see bugs 40212, 41939, 43867, 40159, 43181, 41316 and 37956.
The SMTPAppender may be influenced by mail.smtp and mail.smtps system properties.