Bryan, For a more concrete and low-level answer, there are two ways you can contribute code:
- Create a JIRA (https://issues.apache.org/jira/browse/log4j2/) and attach your code as a diff file based on our Git master: https://logging.apache.org/log4j/2.x/source-repository.html - Do it the GitHub way from https://github.com/apache/logging-log4j2 Gary On Fri, Jan 8, 2016 at 8:13 AM, Bryan Krol <[email protected]> wrote: > Hello all, > > As part of some other work I have been doing, our team has decided that it > would be worth extending the Log4j2 library in such a way as to better > support logging of security events. We also thought what we did would be > of interest to the larger Apache community, mostly because the need for > application-level security auditing is growing to help mitigate the > increase of application security incidents. In order to facilitate better > auditing practices, developers now have a need to include better security > logging practices in the development process. Application logs provide > valuable data for: > > - > > Identifying security threats > - > > Monitoring policy violations > - > > Providing details about problems and unusual conditions > - > > Contributing application-specific data for auditing which is lacking > in other sources > - > > Helping defend against vulnerability identification and exploitation > through attack detection. > > I have attached a document that more thoroughly explains what we have > done and what "problems" we were looking to solve with our changes. > I am looking for some guidance on how I should go about submitting these > changes back to the Apache Log4j 2.x team for inclusion in the code base. I > have implemented both the functionality and the appropriate JUnit code for > testing of the additions. > > If anyone could respond with some information to help, I would greatly > appreciate it. > > Thank you, > > -- > Bryan Krol > Software Engineer > Technergetics, LLC > [email protected] > Phone: (315) 271-2096 > Fax: (886) 307-4382 > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > -- E-Mail: [email protected] | [email protected] Java Persistence with Hibernate, Second Edition <http://www.manning.com/bauer3/> JUnit in Action, Second Edition <http://www.manning.com/tahchiev/> Spring Batch in Action <http://www.manning.com/templier/> Blog: http://garygregory.wordpress.com Home: http://garygregory.com/ Tweet! http://twitter.com/GaryGregory
