What is the simplest way to print log output to console when running java program without getting the fortify error Poor Logging Practice: Use of a System Output Stream?

I want to print out few lines so it is displayed after the program is finished. System.out.println isn't accepted as best practice. What other method can I use?

public static void IBanUpdateTest(){   
    driver.get("http://10.10.10.10/demo-web-1.0-SNAPSHOT"); //define the url
    String pageTitle = driver.getTitle();       //get the title of the webpage
    System.out.println("The title of this page is ===> "  pageTitle);
    Assert.assertEquals("IBan - Business ID code", pageTitle);    //verify the title of the webpage
    driver.findElement(By.id("0iban")).clear();//clear the input field before entering any value
    driver.findElement(By.id("0iban")).sendKeys("5464564654");//enter the IBan Value
    driver.findElement(By.id("0businessIdentifierCode")).clear();
    driver.findElement(By.id("0businessIdentifierCode")).sendKeys("54645646548546465"); //enter the BIC value 
    driver.findElement(By.id("0updateRow")).click();      //click Update button
    System.out.println("Successfully updated the row");
}

CodePudding user response：

It is generally considered a bad practice to log to System.out, Fortify is correctly flagging this. I would not recommend simply ignoring it / turning off the warning.

As others have mentioned in the comments, Spring Boot has the Logback logging library configured by default. You can configure loggers in code, but that just becomes noise after a while, so many find it convenient to add the Lombok library and to use it's @Log annotation to have a logger generated at compile time. Then your code becomes something like:

@Log
public class MyClassThatLogs {
  public void myMethod() {
    log.info("myMethod was called");
  }
}

CodePudding user response：

I believe this is the best solution:

Logger logger = LoggerFactory.getLogger(YourClass.class);