logging-log4j-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Curt Arnold <carn...@apache.org>
Subject Re: newbie question
Date Fri, 17 Mar 2006 14:35:38 GMT

On Mar 17, 2006, at 7:56 AM, Gunter, Tony wrote:

> Might this also have unintended consequences, say if someone wanted to
> turn off all diagnostic logging on production?  Doesn't log4j provide
> the ability to execute maximum logging levels (including OFF)  
> across the
> entire hierarchy?

I'm not following your question or statement.  Changing a log  
configuration file should be secured since you could at least  
seriously degrade an applications performance by changing the  
logging.  Using a single logging hierarchy with a branch dedicated to  
business events doesn't buy you any more or less protection from  
malicious or unintentional changes in the logging configuration than  
having two independently configured hierarchies.  It is expected that  
those working directly with configuration files know what they are  
doing (particularly if the system is live).

If somebody wanted to turn off all diagnostic logging (and they had  
access rights to the logging configuration file), they would set the  
level of the root logger to OFF which would disable all diagnostic  
logging.  If a level had been set for business-events, it would  
override the inherited level from root and so would not be affected  
by the change to the root level.

Since this is phrased as "newbie question", I thought it would be  
better to suggest a common and widely used approach (one hierarchy  
with a branch for non-diagnostic logging) and discourage using a  
complicated and novel approach (multiple hierarchies) until you have  
more experience and a clear need.

To unsubscribe, e-mail: log4j-user-unsubscribe@logging.apache.org
For additional commands, e-mail: log4j-user-help@logging.apache.org

View raw message