Daniel Micay on Twitter: "@Johnny_Filter @WeldPond Or simply use java.util.logging which is even simpler and lower attack surface. It's more than enough to meet the needs of nearly anyone. https://t.co/MZ9jFHTl39 Should reconsider doing complex processing, triggers, etc. via a library instead of a separate isolated process." / Twitter

Dec 15, 2021

For Apache Log4j remediation priority it seems the best approach right now is: 1. log4j 2.x through 2.14 - update to 2.16 2. log4j 1.x - update to 2.16 3. log4j 2.15 - update to 2.16

219

876

Replying to

log4j 1.x - update to logback.qos.ch as it’s the real successor of it.

Replying to

and

Or simply use java.util.logging which is even simpler and lower attack surface. It's more than enough to meet the needs of nearly anyone. twitter.com/DanielMicay/st Should reconsider doing complex processing, triggers, etc. via a library instead of a separate isolated process.

Quote Tweet

Daniel Micay

@DanielMicay

Dec 14, 2021

java.util.logging is easy to use and has everything you would ever need. If you want fancy processing/triggers, you should use rsyslog. logger.warning("message"); logger.fine(() -> "lazy evaluation: " + parameter); That high-level API dynamically adds class/method name itself.

Show this thread

9:00 PM · Dec 15, 2021Twitter Web App

Replying to

and

Yep, I think Java.until.logging will be my end of year project

Conversation