vy commented on pull request #607: URL: https://github.com/apache/logging-log4j2/pull/607#issuecomment-1000859937
@SR-G, no, your use case is actually pretty common: feeding Log4j to ELK. Actually, we even have a layout to ease this process: `JsonTemplateLayout`. In a nutshell, it was only `PatternLayout` that was performing interpolation on the formatted message, hence the rest of the layouts (incl. `JsonTemplateLayout`) are not affected by *this* vulnerability. Though right now there are 3 CVEs and depending on the use of lookups of your proprietary appender+layout, you might be affected. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
