Some first impression feedback: Top page: I think it is worth explaining the motivation/use case for audit logging here. What is "audit logging"? How is audit logging different from "normal" logging? What kind of applications would want to use audit logging and why? What are audit events? How do audit events relate to log events?
RequestContext page: I had trouble following this page. The explanation is going too fast for me and seems to be skipping over some steps. Is my understanding below correct? * Users must create a RequestContext to use audit logging (if true, best to start by saying that) * The reason users need to create a RequestContext is to have a single container for all data points that users want to log in their audit log. (Question: does this mean that RequestContext = Audit Event?) * A recommended/convenient way to implement a RequestContext is to stuff all values in the log4j ThreadContext (Question: is it really okay to assume that the service container does not hand off requests to worker threads?) * The example RequestContext implementation is too long (and repetitive - readers will get the point after a few attributes) - may be better to place the full class in an example application and only show snippets in this page (and perhaps link to the full example from the page) * After the example follows some explanation about the annotations. Seems pretty important stuff but is now just a wall of text. I would break it up into sections with bold headers, a separate section for each annotation. Current explanation of the annotations seems a bit too brief. * RequestContextInterceptor example seems a bit long. Can you reduce it to its essence or break it up? (Also formatting seems off and has missing closing double quote in response.sendRedirect("/login); , but does this page really need to contain a fully working example?) * Finally, the the "passing context to service" section: are RequestContextInterceptor and RequestContextHeaderInterceptor the same thing? * Does everyone using Spring know what " *The returned list should then be added to the RestTemplate* " means? (I have no clue :-) but I am Spring-ignorant.) Audit Catalog page: The page mentions Products and Categories 3 times, every time saying "but Log4j doesn't do anything with that". Why not just leave it out altogether and not mention these? Why is it called a Catalog? Perhaps explaining why this term is a good name would help set the readers frame of thinking to understand the rest of the page. Also, do users need to create a catalog? Or is it something that emerges automatically when one uses audit logging? What happens if you don't create a catalog? Hope this is useful, Remko On Mon, Feb 5, 2018 at 2:35 PM, Ralph Goers <ralph.go...@dslextreme.com> wrote: > Well I have good news and bad news. The bad news is that I forgot my wife > and I were having people over for the super bowl so I didn’t have as much > time as I had hoped and I wasn’t able to run the Log4j 2.11.0 release build. > > The good news is that I think Log4j Audit V1.0 is about ready for a > release. I have published the web site at https://rgoers.github.io/ > log4j-audit/index.html <https://rgoers.github.io/log4j-audit/index.html>. > Some parts of the site will have problems since it hasn’t been released but > I hope you could take a look at it and review it before a release vote is > attempted. > > You should also feel free to ask me questions here, but if it isn’t clear > then I expect the web site needs more work. > > Ralph