It should be sufficient to add the next line to /system.properties/ file
(lives in "bin" folder of your JMeter installation)
*log4j2.formatMsgNoLookups=true*
or pass this property via -D command-line argument like:
*jmeter -Dlog4j2.formatMsgNoLookups=true -n -t .....*
More information:
* Constants.java from log4j 2.13.3
<https://github.com/apache/logging-log4j2/blob/log4j-2.13.3/log4j-core/src/main/java/org/apache/logging/log4j/core/util/Constants.java#L63>
* Configuring JMeter
<https://jmeter.apache.org/usermanual/get-started.html#configuring_jmeter>
* Apache JMeter Properties Customization Guide
<https://www.blazemeter.com/blog/apache-jmeter-properties-customization>
* Overriding Properties Via The Command Line
<https://jmeter.apache.org/usermanual/get-started.html#override>
On 12/14/2021 12:40 PM, Smruti Ranjan Roul wrote:
Hi Team,
With the recent vulnerabilities identified on Apache Log4j on 10^th
December, I wanted to know if there will be a new version of the
Apache JMeter planned with the latest log4j versions.
With the organization security policy, there will be a scan on the
log4j. We know this will not have any impact with the vulnerability
identified, but to provide the InfoSec team, with a confirmation email
from the provider will be a added confidence.
Thanks in advance.
Thanks, and Regards,
Smruti Ranjan Roul
Technical Lead- *QA*
First American (India) Private Limited
“Aveda Meta”, No.184, Old Madras Road,
Opp. Swami Vivekanand Metro Station,
Indiranagar, Bangalore-560038, Karnataka, India
Mobile : + 91 8880138672
Email : sranjanr...@firstam.com <mailto:sranjanr...@firstam.com>
******************************************************************************************
This message may contain confidential or proprietary information
intended only for the use of the addressee(s) named above or may
contain information that is legally privileged.
If you are not the intended addressee, or the person responsible for
delivering it to the intended addressee, you are hereby notified that
reading, disseminating, distributing or copying this message is
strictly prohibited.
If you have received this message by mistake, please immediately
notify us by replying to the message and delete the original message
and any copies immediately thereafter.
If you received this email as a commercial message and would like to
opt out of future commercial messages, please let us know and we will
remove you from our distribution list.
Thank you.
******************************************************************************************
FAFLD