I have a production Elasticsearch that uses log4j, which is vulnerable:
./lib/log4j-api-2.11.1.jar
./lib/log4j-core-2.11.1.jar
Because it's a production environment, I do not want to reboot it. I saw somebody say it could be hot reloaded in the manner below:
you can still mitigate it in those cases by replacing %m, %msg, and %message in log4j2.xml with %m{nolookups} instead
In my case it uses log4j2.properties, and there is one line as below:
appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n
If I modify this line like below:
appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m{nolookups}%n
will it take effect automatically without the need to reboot explicitly?
CodePudding user response:
Log4j2 does not have a file watcher that enables hot reload of configurations by default. You must still restart your server in order to apply the new pattern.
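
An added example (not part of the original question or answer): a Python sketch that applies the `%m{nolookups}` rewrite quoted in the question to the `layout.pattern` keys of a log4j2.properties body, without touching `%marker`, which a plain text replace of `%m` would corrupt. The function names and the sample file content are constructed for illustration.

```python
import re

# Matches an escaped "%%", or a message converter (%m, %msg, %message) with
# optional format modifiers (e.g. %.-10000m) and any {options} right after it.
# The negative lookahead keeps longer names such as %marker and %mdc out.
# Assumption: a converter name is always followed by a non-letter.
_CONVERTER = re.compile(
    r"%%|(?P<head>%[-\d.]*(?:message|msg|m))(?![A-Za-z])(?P<opts>(?:\{[^{}]*\})*)"
)
# Only layout patterns are rewritten; keys such as filePattern are left alone.
_LAYOUT_KEY = re.compile(r"^\s*(?P<key>[\w.]+\.layout\.pattern)\s*[=:]")


def harden_pattern(pattern: str) -> str:
    """Add {nolookups} to every message converter that does not have it."""
    def fix(m):
        if m.group(0) == "%%":                      # literal percent sign
            return m.group(0)
        opts = m.group("opts")
        if "{nolookups}" in opts.lower():           # already mitigated
            return m.group(0)
        return m.group("head") + "{nolookups}" + opts
    return _CONVERTER.sub(fix, pattern)


def harden_properties(text: str):
    """Return (rewritten_text, changed_keys) for a log4j2.properties body."""
    out, changed = [], []
    for line in text.splitlines(keepends=True):
        m = _LAYOUT_KEY.match(line)                 # comment lines never match
        if m:
            value = line[m.end():]
            fixed = harden_pattern(value)
            if fixed != value:
                changed.append(m.group("key"))
            line = line[:m.end()] + fixed
        out.append(line)
    return "".join(out), changed


# Constructed sample: first pattern is the one from the question.
SAMPLE = (
    "# constructed sample\n"
    "appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n\n"
    "appender.rolling.layout.pattern = [%d{ISO8601}] %marker%.-10000msg %%m %highlight{%message}%n\n"
    "appender.rolling.filePattern = logs/app-%d{yyyy-MM-dd}-%i.log.gz\n"
)

if __name__ == "__main__":
    new_text, keys = harden_properties(SAMPLE)
    print(new_text, keys, sep="\n")
```

Running the function a second time over its own output changes nothing, so it can be used as a check that a file is already rewritten.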