ppkarwasz opened a new issue, #4166:
URL: https://github.com/apache/logging-log4j2/issues/4166

   elastic/ecs-logging-java#404, released in v1.8.0, introduced a hardening 
measure: MDC entries whose keys match core ECS field names (`@timestamp`, 
`message`, `log.logger`, `log.level`, `event.dataset`, `process.thread.name`, 
`process.thread.id`, `ecs.version`) are silently dropped before serialization. 
This prevents user- or library-controlled MDC values from overriding the 
trusted fields written by the logger itself.
   
   The `log4j-layout-template-json` module ships its own `EcsLayout.json` 
template. It currently provides no equivalent protection and is therefore not 
aligned with the upstream hardening.
   
   ### Proposed work
   
   1. Add an optional `keyExcludes` configuration parameter to 
`ThreadContextMapResolver`. It should accept a list of literal key names to 
drop silently during serialization. A pattern-based extension (glob or regex) 
can be considered separately; a string list is sufficient for the initial use 
case.
   
      Example resolver snippet in a user-defined template:
      ```json
      {
        "$resolver": "mdc",
        "flatten": true,
        "keyExcludes": ["@timestamp", "message", "log.logger"]
      }
      ```
   
   2. Update `EcsLayout.json` to use `keyExcludes` with the same reserved-key 
set introduced in `ecs-logging-java` v1.8.0, so the built-in ECS template 
provides the same field integrity guarantees out of the box.
   
   **References**:
   - `EcsJsonSerializer.RESERVED_KEYS` in `ecs-logging-core`
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to