DEV Community

Franz Wong
Franz Wong

Posted on

Lots of debug log is written after commons-logging is upgraded to 1.3.0

Background

The default log level of our applications is DEBUG because we aim to separate informative logs from diagnostic logs.

Recently, we received a vulnerability warning from commons-configuration2, prompting us to update the version. After the update, the application runs fine; however, the size of our log has grown from hundreds of kilobytes to a few gigabytes.

Investigation

The update of commons-configuration2 also upgraded commons-logging to version 1.3.0, which includes log4j-jcl. Previously, log4j-jcl was a standalone dependency. Now, all dependencies in our application (mainly commons-beanutils) are capable of writing logs through log4j loggers.

Solution

We modified log4j2.xml to suppress the excessive logging by package. In the long term, we may need to introduce a custom log level between INFO and DEBUG as our default log level; and have a fine grained logging configuration.

Image of Timescale

Timescale – the developer's data platform for modern apps, built on PostgreSQL

Timescale Cloud is PostgreSQL optimized for speed, scale, and performance. Over 3 million IoT, AI, crypto, and dev tool apps are powered by Timescale. Try it free today! No credit card required.

Try free

Top comments (0)

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay