How do you come up with so much clarity? The video seems to be short, but the effort you would have spent going through their docs and understanding, then coming up with just the information required in 10mins is tremendous. Respect.
"what is the difference?": One of them had a major vulnerability that affected a big part of the internet to be at risk. But I'm not telling which one it is...
Hello Kaushik, kudos on the nice presentation. For your information, log4j predates JDK 1.4 and hence java.util.logging by 3 or 4 years. Thus, the beginning of the presentation where log4j is shown as an improvement upon java.util.logging is historically inaccurate.
Man, we need you to step up and upload your own videos about logging for us people who entered Java world lately. Because senior guys are so acquainted about logging, they think it is esay to understand and implement logging, which definitely is not for newcomers. Also, thank you for all efforts you put in Log4J and Logback. Respect and hello from TR.
Good content ! One thing I'd like to add here is SLF4j vs log4j is that placeholder { } in SLF4j reduces lot of string concatenation in the code and also avoids creation of String Object, thereby reducing the memory requirements , and this could be handled by if (LOGGER.isDebugEnabled()) clause in log4j style.
I want to say something to you Kaushik, I am new to development (less than 1-year experience) currently working with an IT company here in Pakistan as a Java developer, but let me tell you When I get a job in Europe I will surely donate too much money to support your channel. Love for you Kaushik sir! 😄🥰
sir , please do not forget to include yourself in videos next time . like, in many videos we have seen you interacting with us . make it like that . and i am really thankful to you for you microservices session. also please consider covering these topics too : "client side load balancing with ribbon, feign rest client, zuul api loggin filter, distributed tracking with zipkin". i can find these topics covered in youtube but ,the way you explain the things , i understand better.
One of the features I always look for is to change the log level on the fly without restarting the app server. In production, you can keep the log level at severe, but if there is an issue and if you need to turn it to finer level, you cannot do that without restarting the server. Most of the app servers, use simple JDK, but allows to change log level on the fly. So if you don't need the bells and whistles, stick with OOTB.
Logback, SLF4J and Log4j2 are Java logging frameworks. Logback is an implementation with a facade API, SLF4J is a facade for various logging platforms, and Log4j2 provides both a facade API and an implementation. They all aim to provide a standardized API for logging in Java, allowing flexibility in how you choose to actually implement logging.
Supremely digested, thank you so much! I might add, as well as the other videos. You're making a great contribution to the developer society. Very informative and very ingestible.
I should also add that both past experience and recent events suggest to me that no one should use log4j2. If you understand the recent security problems you'd have to conclude that the team involved didn't understand that it was a bad idea to (BY DEFAULT) scan log messages looking for special char sequences and then potentially download and execute remote code based on it. This suggests they don't understand basic security or performance concepts, but also that they don't know that most people won't want all kinds of random and obscure features thrown into their production system, where it would take a lengthy read of docs and/or code to even know what you're getting!
The history part was basically wrong: Java util logging came AFTER log4j. Basically log4j was the first widely adopted logging framework in Java, and later Java borrowed the idea (hierarchical logger, log level, appender/handler) and make up its own logging framework (java.util.logging) The part for log4j2 was wrong too: right slf4j was developed as a facade. And logback was developed as a “native” implementation for slf4j almost at the same time slf4j was introduced (they are from the same guy anyway, which is the original author of log4j) Log4j2 is basically the same: it contains the API part (which is basically what slf4j) and implementation (just like logback). Which means you can use log4j2 API and use slf4j/logback as backend.
1:30 java comes with logging class, java.util.logging Logger.getLogger(someClass) Has log levels: -info -severe -fine Handlers: how to handle logging requests. Console handler, file handler etc People didn’t like the default java logger, because developers are little bitches and so logging libraries were created. 3:30 Log4J, has a Logger class like the default logger and log levels: -info -debug -warn -error Instead of handlers, log4j has appeasers: - file appender - console appender - rolling file - jdbc - smtp - jms 4:50 to standardize the logging api we have Apache commons logging as well as slf4j. These are called facade libraries, they provide an interface but use other libraries to do the actual logging 6:15 log4j successors 6:30 why use sl4j? Done thanks
I think fine is not that FINE the debugger level, but it means the granular logging, which means every single piece of information will be logged when logging level is fine. It contains more sensitive information's and we normally use it when debug or info level logs are not worth analysis.
Hi java brains, I watched your so many tutorials series like spring boot, java and all are so helpful for me. Thanks bro for all those content. One request is that can u make spring boot java testing tutorials series like mockito all those stuff, That would be so helpful 🙂
What we need is to consolidate all the frameworks into one. The authors should get together and merge the best features of each into one. Same with the major frameworks.
Hi Sir I have question here, Even if a .class file enters log what that can do, because it will be on log files, how can hackers can execute java from a log file. May be I'm silly but I got this doubt