This is an automated email from the ASF dual-hosted git repository.
vy pushed a commit to branch 2.x
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
The following commit(s) were added to refs/heads/2.x by this push:
new 96eb0d0009 Update main website page
96eb0d0009 is described below
commit 96eb0d00099b709663a251484f2967cbb93b0230
Author: Volkan Yazıcı <[email protected]>
AuthorDate: Wed Nov 1 17:04:01 2023 +0100
Update main website page
---
README.adoc | 2 +-
src/site/asciidoc/index.adoc | 63 ++++++++++++++
src/site/markdown/index.md.vm | 189 ------------------------------------------
3 files changed, 64 insertions(+), 190 deletions(-)
diff --git a/README.adoc b/README.adoc
index 11583b9244..966f0c1e26 100644
--- a/README.adoc
+++ b/README.adoc
@@ -20,5 +20,5 @@
https://search.maven.org/artifact/org.apache.logging.log4j/log4j-api[image:https
https://libraries.io/maven/org.apache.logging.log4j:log4j-core/2.20.0[image:https://img.shields.io/librariesio/release/maven/org.apache.logging.log4j%3Alog4j-core/2.20.0?label=dependencies%20(2.x)[Libraries.io
dependency status for 2.x]]
https://github.com/apache/logging-log4j2/security/code-scanning[image:https://github.com/apache/logging-log4j2/actions/workflows/codeql-analysis.yml/badge.svg?branch=2.x[CodeQL
(2.x)]]
-Apache Log4j is a versatile, industrial-strength Java logging framework
composed of an API, its implementation, and components to assist the
deployment for various use cases.
+Apache Log4j is a versatile, industrial-grade Java logging framework composed
of an API, its implementation, and components to assist the deployment for
various use cases.
For further information (support, download, etc.) see
https://logging.apache.org/log4j[the project website].
diff --git a/src/site/asciidoc/index.adoc b/src/site/asciidoc/index.adoc
new file mode 100644
index 0000000000..8efb1314ec
--- /dev/null
+++ b/src/site/asciidoc/index.adoc
@@ -0,0 +1,63 @@
+////
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ https://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+////
+
+= Apache Log4j
+
+Apache Log4j is a versatile, industrial-grade Java logging framework composed
of an API, its implementation, and components to assist the deployment for
various use cases.
+Log4j is
https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html[used by
8% of the Maven ecosystem] and listed as one of
https://docs.google.com/spreadsheets/d/1ONZ4qeMq8xmeCHX03lIgIYE4MEXVfVL6oj05lbuXTDM/edit#gid=1024997528[the
top 100 critical open source software projects].
+The project is actively maintained by a link:team.html[team] of several
volunteers and xref:support.adoc[support]ed by a big community.
+
+[#links]
+== Quick links
+- link:maven-artifacts.html[How can I add Log4j artifacts to my
Maven/Ivy/Gradle project?]
+- link:manual/usage.html?[How can I use the Log4j API?]
+- link:manual/configuration.html[How can I configure my `log4j2.xml`?]
+- link:release-notes.adoc[Where are the release notes?]
+- link:support.adoc[**I need help!**]
+
+[#features]
+== Features
+
+We share below some highlights from Log4j features.
+
+Batteries included::
+Log4j bundles a rich set of components to assist various use cases.
+* link:manual/appenders.html[Appenders] targeting files, network sockets,
databases, SMTP servers, etc.
+* link:manual/layouts.html[Layouts] that can render CSV, HTML, JSON, Syslog,
etc. formatted outputs
+* link:manual/filters.html[Filters] that can be configured using log event
rates, regular expressions, scripts, time, etc.
+* link:manual/lookups.html[Lookups] for accessing system properties,
environment variables, log event fields, etc.
+
+
+API separation::
+The API for Log4j (i.e., `log4j-api`) is separate from the implementation
(i.e., `log4j-core`) making it clear for application developers which classes
and methods they can use while ensuring forward compatibility.
+(See link:manual/api-separation.html[API Separation] for details.)
+The Log4j API also provides the most feature rich logging facade in the
market; support for various `Message` types (`Object`, `Map`, etc.) besides
plain `String`, lambda expressions, parametrized logging, markers, levels,
diagnostic contexts (aka. MDC/NDC), etc.
+Check out the link:manual/api.html[Java API], link:/log4j/kotlin[Kotlin API],
and link:/log4j/scala[Scala API] pages for further information.
+
+No vendor lock-in::
+Even though the Log4j API is implemented by the Log4j at its fullest, users
can choose to use another logging backend.
+This can be achieved by either using another backend implementing the Log4j
API, or forwarding Log4j API calls to another logging facade (e.g., SLF4J) and
using a backend for that particular facade.
+
+Performance::
+When configured correctly, Log4j can deliver excelling performance without
almost any burden on the Java garbage collector.
+This is made possible via an asynchronous logger founded on the
https://lmax-exchange.github.io/disruptor/[LMAX Disruptor] technology (having
its roots in the demanding industry of financial trading) and the garbage-free
features baked at hot paths.
+Check out the link:performance.html[Performance] page for details.
+
+Extensibility::
+Log4j contains a fully-fledged xref:manual/plugins.html[plugin support] that
users can leverage to extend its functionality.
+You can easily add your own components (layouts, appenders, filters, etc.) or
customizing existing ones (e.g., adding new directives to the
link:manual/layouts.html#PatternLayout[Pattern] or
xref:manual/json-template-layout.adoc#extending[JSON Template Layout]).
+Check out the link:manual/extending.html[Extending Log4j] page.
diff --git a/src/site/markdown/index.md.vm b/src/site/markdown/index.md.vm
deleted file mode 100644
index a6cb51313d..0000000000
--- a/src/site/markdown/index.md.vm
+++ /dev/null
@@ -1,189 +0,0 @@
-<!-- vim: set syn=markdown : -->
-<!--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-#set($dollar = '$')
-#set($h1='#')
-#set($h2='##')
-#set($h3='###')
-#set($h4='####')
-
-$h1 Apache Log4j™ 2
-
-Apache Log4j 2 is an upgrade to Log4j that provides significant improvements
over its predecessor, Log4j 1.x, and
-provides many of the improvements available in Logback while fixing some
inherent problems in Logback's architecture.
-
-<a name="CVE-2021-44832"/>
-
-$h2 Important: Security Vulnerability CVE-2021-44832
-
-Summary: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker
controls configuration.
-
-$h4 Details
-
-Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix
releases 2.3.2 and 2.12.4) are vulnerable to
-a remote code execution (RCE) attack where an attacker with permission to
modify the logging configuration file can
-construct a malicious configuration using a JDBC Appender with a data source
referencing a JNDI URI which can execute
-remote code. This issue is fixed by limiting JNDI data source names to the
java protocol in Log4j2 versions 2.17.1,
-2.12.4, and 2.3.2.
-
-$h4 Mitigation
-Upgrade to Log4j 2.3.2 (for Java 6), 2.12.4 (for Java 7), or 2.17.1 (for Java
8 and later)
-
-$h4 Reference
-Please refer to the [Security page](security.html#CVE-2021-44832) for details
and mitigation measures for older
-versions of Log4j.
-
-$h2 Important: Security Vulnerabilities CVE-2021-45105, CVE-2021-45046 and
CVE-2021-44228
-
-Please refer to the [Security page](security.html) for details and mitigation
measures for these security issues.
-
-$h2 Features
-
-$h3 API Separation
-
-The API for Log4j is separate from the implementation making it clear for
application developers which classes and
-methods they can use while ensuring forward compatibility. This allows the
Log4j team to improve the implementation
-safely and in a compatible manner.
-
-The Log4j API is a logging facade that may, of course, be used with the Log4j
implementation, but may also be used
-in front of other logging implementations such as Logback. The Log4j API has
several advantages over SLF4J:
-1. The Log4j API supports logging [Messages](manual/messages.html) instead of
just Strings.
-2. The Log4j API supports lambda expressions.
-3. The Log4j API provides many more logging methods than SLF4J.
-4. In addition to the "parameterized logging" format supported by SLF4J, the
Log4j API also supports events using
- the java.text.MessageFormat syntax as well printf-style messages.
-5. The Log4j API provides a LogManager.shutdown() method. The underlying
logging implementation must implement the
- Terminable interface for the method to have effect.
-6. Other constructs such as Markers, log Levels, and ThreadContext (aka MDC)
are fully supported.
-
-$h3 Improved Performance
-
-Log4j 2 contains next-generation Asynchronous Loggers based on the LMAX
Disruptor library. In multi-threaded scenarios
-Asynchronous Loggers have 18 times higher throughput and orders of magnitude
lower latency than Log4j 1.x and Logback.
-See [Asynchronous Logging Performance](manual/async.html#Performance) for
details. Otherwise, Log4j 2 significantly
-outperforms Log4j 1.x, Logback and java.util.logging, especially in
multi-threaded applications.
-See [Performance](performance.html) for more information.
-
-$h3 Support for multiple APIs
-
-While the Log4j 2 API will provide the best performance, Log4j 2 provides
support for the Log4j 1.2, SLF4J, Commons
-Logging and java.util.logging (JUL) APIs.
-
-$h3 Avoid lock-in
-
-Applications coded to the Log4j 2 API always have the option to use any
SLF4J-compliant library as their logger
-implementation with the log4j-to-slf4j adapter.
-
-$h3 Automatic Reloading of Configurations
-
-Like Logback, Log4j 2 can automatically reload its configuration upon
modification. Unlike Logback, it will do so
-without losing log events while reconfiguration is taking place.
-
-$h3 Advanced Filtering
-
-Like Logback, Log4j 2 supports filtering based on context data, markers,
regular expressions, and other components in
-the Log event. Filtering can be specified to apply to all events before being
passed to Loggers or as they pass through
-Appenders. In addition, filters can also be associated with Loggers. Unlike
Logback, you can use a common Filter class
-in any of these circumstances.
-
-$h3 Plugin Architecture
-
-Log4j uses the plugin pattern to configure components. As such, you do not
need to write code to create and configure an
-Appender, Layout, Pattern Converter, and so on. Log4j automatically recognizes
plugins and uses them when a
-configuration references them.
-
-$h3 Property Support
-
-You can reference properties in a configuration, Log4j will directly replace
them, or Log4j will pass them to an
-underlying component that will dynamically resolve them. Properties come from
values defined in the configuration file,
-system properties, environment variables, the ThreadContext Map, and data
present in the event. Users can further
-customize the property providers by adding their own
[Lookup](manual/lookups.html) Plugin.
-
-$h3 Java 8 Lambda Support
-
-Previously, if a log message was expensive to construct, you would often
explicitly check if the requested log level is
-enabled before constructing the message. Client code running on Java 8 can
benefit from Log4j's
-[lambda support](manual/api.html#LambdaSupport). Since Log4j will not evaluate
a lambda expression if the requested log
-level is not enabled, the same effect can be achieved with less code.
-
-$h3 Custom Log Levels
-
-In Log4j 2, [custom log levels](manual/customloglevels.html) can easily be
defined in code or in configuration. No
-subclassing is required.
-
-$h3 Log Builder API
-In addition to using one of the many log methods in the Log4j API, log events
can be constructed using a builder. See
-[Log Builder](manual/logbuilder.html) for more information.
-
-$h3 Garbage-free
-
-During steady state logging, Log4j 2 is
[garbage-free](manual/garbagefree.html) in stand-alone applications, and low
-garbage in web applications. This reduces pressure on the garbage collector
and can give better response time performance.
-
-$h3 Integrating with Application Servers
-
-Version 2.10.0 added the module log4j-appserver to improve integration with
Apache Tomcat and Eclipse Jetty.
-
-$h3 Cloud Enabled
-
-Version 2.12.0 introduced support for accessing Docker container information
via a Lookup and for accessing
-and updating the Log4j configuration through Spring Cloud Configuration. This
support was enhanced in
-version 2.13.0 to add support for accessing Spring Boot properties as well as
Kubernetes information.
-See [Logging in the Cloud](manual/cloud.html) for details.
-
-$h3 Compatible with Log4j 1.x
-
-The Log4j-1.2-api module of Log4j 2 provides compatibility for applications
using the Log4j 1 logging methods. As
-of Log4j 2.13.0 Log4j 2 also provides experimental support for Log4j 1.x
configuration files. See
-[Log4j 2 Compatibility with Log4j 1](manual/compatibility.html) for more
information.
-
-$h2 Documentation
-
-The Log4j 2 User's Guide is available on this [site](manual/index.html).
-
-$h2 Requirements
-
-Log4j 2.13.0 and greater require Java 8. Version 2.4 through 2.12.1 required
Java 7 (the Log4j team no longer supports
-Java 7). Some features require optional dependencies; the documentation for
these features will specify the required
-dependencies.
-
-$h2 News
-
-Log4j 2.17.2 has been released to:
-
-* Over 50 improvements and fixes to the Log4j 1.x support. Continued testing
has shown it is a suitable replacement
-for Log4j 1.x in most cases.
-* Scripting now requires a system property be specified naming the languages
the user wishes to allow. The scripting
-engine will not load if the property isn't set.
-* By default, the only remote protocol allowed for loading configuration files
is HTTPS. Users can specify a system
-property to allow others or prevent remote loading entirely.
-* Variable resolution has been modified so that only properties defined as
properties in the configuration file can be
-recursive. All other Lookups are now non-recursive. This addresses issues
users were having resolving lookups specified
-in property definitions for use in the RoutingAppender and RollingFileAppender
due to restrictions put in place in 2.17.1.
-* Many other fixes and improvements.
-
-2.17.2 (for Java 8) is a recommended upgrade.
-
-Log4j $Log4jReleaseVersion is now available for production. While the normal
API for Log4j 2 is not compatible with
-Log4j 1.x, an adapter is available to allow applications to continue to use
the Log4j 1.x API and configuration files.
-Adapters are also available for Apache Commons Logging, SLF4J, and
java.util.logging.
-
-Log4j $Log4jReleaseVersion is the latest release of Log4j. As of Log4j 2.13.0
Log4j 2 requires Java 8 or greater at
-runtime.
-This release contains new features and fixes which are explained further in
[release notes](release-notes).
-
-Log4j $Log4jReleaseVersion maintains binary compatibility with previous
releases.
