Re: [jira] [Closed] (LOG4J2-2418) NullPointerException when closing never used RollingRandomAccessFileAppender

2019-12-02 Thread Ralph Goers
OK, thanks. Ralph > On Dec 2, 2019, at 1:55 PM, Gary Gregory wrote: > > On Mon, Dec 2, 2019 at 2:02 PM Ralph Goers > wrote: > >> Gary, it looks like you merged this but I don’t see an entry for it in >> changes.xml. >> > > I do, here: > https://github.com/apache/logging-log4j2/blob/67f9d138

Re: [jira] [Closed] (LOG4J2-2418) NullPointerException when closing never used RollingRandomAccessFileAppender

2019-12-02 Thread Gary Gregory
On Mon, Dec 2, 2019 at 2:02 PM Ralph Goers wrote: > Gary, it looks like you merged this but I don’t see an entry for it in > changes.xml. > I do, here: https://github.com/apache/logging-log4j2/blob/67f9d1385d83c2cc16b692813605521f43384fc8/src/changes/changes.xml#L276 Gary > > Ralph > > > On D

Re: [Meta] Article about syslog security limitations

2019-12-02 Thread Ralph Goers
> On Dec 2, 2019, at 12:35 PM, Matt Sicker wrote: > > On Mon, 2 Dec 2019 at 13:00, Ralph Goers wrote: >>> It's hard to find the right balance between not enough and too much coffee >>> ;-) >>> >> >> For me that balance is easy - I hate coffee! >> >> Ralph >> >> > > Yet you program in Ja

Re: [Meta] Article about syslog security limitations

2019-12-02 Thread Matt Sicker
On Mon, 2 Dec 2019 at 13:00, Ralph Goers wrote: > > It's hard to find the right balance between not enough and too much coffee > > ;-) > > > > For me that balance is easy - I hate coffee! > > Ralph > > Yet you program in Java :trollface: -- Matt Sicker

Re: [jira] [Closed] (LOG4J2-2418) NullPointerException when closing never used RollingRandomAccessFileAppender

2019-12-02 Thread Ralph Goers
Gary, it looks like you merged this but I don’t see an entry for it in changes.xml. Ralph > On Dec 2, 2019, at 11:18 AM, Jonas Rutishauser (Jira) wrote: > > > [ > https://issues.apache.org/jira/browse/LOG4J2-2418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel > ] > >

Re: [Meta] Article about syslog security limitations

2019-12-02 Thread Ralph Goers
> On Dec 2, 2019, at 10:41 AM, Gary Gregory wrote: > > On Mon, Dec 2, 2019 at 11:34 AM Ralph Goers > wrote: > >> >> >>> On Dec 2, 2019, at 9:25 AM, Gary Gregory wrote: >>> >>> On Mon, Dec 2, 2019 at 11:24 AM Ralph Goers >>> wrote: >>> All of this would apply to the original BSD sys

Re: [Meta] Article about syslog security limitations

2019-12-02 Thread Gary Gregory
On Mon, Dec 2, 2019 at 11:34 AM Ralph Goers wrote: > > > > On Dec 2, 2019, at 9:25 AM, Gary Gregory wrote: > > > > On Mon, Dec 2, 2019 at 11:24 AM Ralph Goers > > wrote: > > > >> All of this would apply to the original BSD syslog format. RFC 5424 > solves > >> most of his problems - presuming t

Re: Log4j 2.13.0

2019-12-02 Thread Ralph Goers
If you like it you should really thank Mikael. His initial work on this gave me the idea how to do it. I wish he was able to contribute more these days. Ralph > On Dec 2, 2019, at 9:49 AM, Carter Kozak wrote: > > Thanks Ralph, > > Your work on log4j1 configuration compatibility looks fantast

Re: Log4j 2.13.0

2019-12-02 Thread Carter Kozak
Thanks Ralph, Your work on log4j1 configuration compatibility looks fantastic! I'd like to make sure the fix for LOG4J2-2725 goes into this release, if the PR author doesn't reply in the next day or so I'll take care of it. There are a couple related places I'd like to test for similar types of

Log4j 2.13.0

2019-12-02 Thread Ralph Goers
I have finished all the work on new features I wanted to add for the next release. The latest feature I added is Log4j 2 will now support Log4j 1 xml and properties file configurations. I have flagged it as experimental - it either requires a system property to explicitly enable auto detecting

Re: [Meta] Article about syslog security limitations

2019-12-02 Thread Ralph Goers
> On Dec 2, 2019, at 9:25 AM, Gary Gregory wrote: > > On Mon, Dec 2, 2019 at 11:24 AM Ralph Goers > wrote: > >> All of this would apply to the original BSD syslog format. RFC 5424 solves >> most of his problems - presuming the SIEM supports it. Nowadays I am >> seeing more JSON logging. The

Re: [Meta] Article about syslog security limitations

2019-12-02 Thread Gary Gregory
On Mon, Dec 2, 2019 at 11:24 AM Ralph Goers wrote: > All of this would apply to the original BSD syslog format. RFC 5424 solves > most of his problems - presuming the SIEM supports it. Nowadays I am > seeing more JSON logging. The latest updates to “Logging in the Cloud” in > 2.13.0 will recomme

Re: [Meta] Article about syslog security limitations

2019-12-02 Thread Ralph Goers
All of this would apply to the original BSD syslog format. RFC 5424 solves most of his problems - presuming the SIEM supports it. Nowadays I am seeing more JSON logging. The latest updates to “Logging in the Cloud” in 2.13.0 will recommend using GELF. Ralph > On Dec 2, 2019, at 9:02 AM, Gary

Re: [Meta] Article about syslog security limitations

2019-12-02 Thread Gary Gregory
This is what it says for me: " What's wrong with syslog? A lot, actually. I recently had a post make it to Hacker News , lobste.rs

Re: [Meta] Article about syslog security limitations

2019-12-02 Thread Ralph Goers
I am unable to view that web site as it has certificate problems. Ralph > On Dec 2, 2019, at 8:48 AM, Matt Sicker wrote: > > https://www.myname.website/whats-wrong-with-syslog-a-lot-actually > > This article seems fairly interesting. I know that we support TLS for > syslog, though I didn't kno

[Meta] Article about syslog security limitations

2019-12-02 Thread Matt Sicker
https://www.myname.website/whats-wrong-with-syslog-a-lot-actually This article seems fairly interesting. I know that we support TLS for syslog, though I didn't know that wasn't standard (or is that specific to RFC 5424?). In fact, I'm not even sure how much of his criticism apply to the updated st