OWASP-ESAPI logger help needed

logging owasp esapi
Amit picture Amit · Jun 25, 2014 · Viewed 15.3k times · Source

In my current project I am using Maven and Spring. I am currently using SLF4J logger for logging services. In place of that I want to use OWASP-ESAPI logger. I don't want to use OWASP-ESAPI security, just the log services. Can anybody please guide me how to use OWASP-ESAPI logger by replacing slf4j logger with minimum efforts ? I tried a lot of google search but nothing helps. I will really appreciate some links to gain knowledge about OWASP-ESAPI logger as well.

Answer

Jim Doyle picture Jim Doyle · Sep 2, 2015

Refactoring your code to remove slf4j is a horrific solution, because then you lose the ability to capture JUL, JCL, LOG4J traffic into a common log funnel. The prior response is bad advice.

  1. You can enable ESAPI to use JUL Logging, and then, by using JUL over SLF4J, recapture that log traffic and route to other loggers (i.e. log4j or logback). To do so, in ESAPI.properties: ESAPI.Logger=org.owasp.esapi.reference.JavaLogFactory

  2. Another option would be to build an SLF4J logger proxy over the ESAPI Logger Interface. I think you lose more functionality than you gain in this case.

Related questions

grep a file, but show several surrounding lines?

I would like to grep for a string, but also show the preceding five lines and the following five lines as well as the matched line. How would I be able to do this?

Read More
String formatting: % vs. .format vs. string literal

Python 2.6 introduced the str.format() method with a slightly different syntax from the existing % operator. Which is better and for what situations? Python 3.6 has now introduced another string formatting format of string literals (aka "f" strings) via the syntax f"…

Read More
python exception message capturing

import ftplib import urllib2 import os import logging logger = logging.getLogger('ftpuploader') hdlr = logging.FileHandler('ftplog.log') formatter = logging.Formatter('%(asctime)s %(levelname)s %(message)s') hdlr.setFormatter(formatter) logger.addHandler(hdlr) logger.setLevel(logging.INFO) FTPADDR = "some ftp …

Read More