Upgrading Solr 6 to use Log4j 2.x

405 Views Asked by Dinny At 18 January 2022 at 20:14

Is it possible to upgrade Solr 6 to use Log4j 2.x?

We have some external dependencies on Solr 6 but would like to upgrade Log4j to the latest.

There are 2 best solutions below

Hector Correa On 18 January 2022 at 20:37 BEST ANSWER

Apache Solr releases prior to 7.4 (i.e. Solr 5, Solr 6, and Solr 7 
through 7.3) use Log4J 1.2.17 which may be vulnerable for installations 
using non-default logging configurations that include the JMS Appender, 
see 

https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126 

for discussion.

luiscolorado On 04 August 2022 at 18:10

A good alternative would be to replace log4j 1.2.17 with reload4j, which is a direct plugin replacement for the log4j jar file. It was developed by one of the companies that developed the original log4j project in response to its recently reported vulnerabilities. You can find more information at the Github project

I am aware of at least one OpenSource project (Alfresco) that is using it successfully.

Upgrading Solr 6 to use Log4j 2.x

There are 2 best solutions below

Related Questions in SOLR

Related Questions in LOG4J

Related Questions in SOLR6

Trending Questions

Popular # Hahtags

Popular Questions