Log4j-core-2.8.2.jar: 2 Vulnerabilities (highest Severity Is: 10.0) [main]

Apache log4j is a versatile, industrial-grade java logging framework composed of an api, its implementation, and components to assist the deployment for various use cases. Log4j is essentially composed of a logging api called log4j api, and its reference implementation called log4j core. Log4j also bundles several logging bridges to enable log4j core consume from foreign.

You can manually download all published log4j distributions, verify them, and see their licensing information by following the instructions in the download page of logging services. Apache log4j 2 is an upgrade to log4j that provides significant improvements over its predecessor, log4j 1.x, and provides many of the improvements available in logback while fixing some inherent. This page tries to cover the most prominent log4j api features.

Did you know that log4j provides a specialized api for kotlin? Check out the log4j kotlin project for details. Log4j 2 is garbage free for stand-alone applications, and low garbage for web applications during steady state logging.

Log4j provides configuration options that discard log events if the load on the application is high. The spring-boot-starter-log4j2 artifact will automatically install log4j core, jul-to-log4j bridge, and configure them.