[
https://issues.apache.org/jira/browse/LOG4J2-3417?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17498660#comment-17498660
]
Gary D. Gregory commented on LOG4J2-3417:
-----------------------------------------
Internally the SQL for something likeĀ
log4j.appender.DB.sql=INSERT INTO LOGS VALUES('%x','%d','%C','%p','%m')
Should translate to
INSERT INTO LOGS VALUES(?, ?, ?, ?, ?)
It should be a requirement on our implementation to use JDBC a prepared
statement or callable statement for a stored procedure call.
> Create JDBC appender for compatibility with v1
> ----------------------------------------------
>
> Key: LOG4J2-3417
> URL: https://issues.apache.org/jira/browse/LOG4J2-3417
> Project: Log4j 2
> Issue Type: New Feature
> Components: Appenders, Log4j 1.2 bridge
> Reporter: Matt Sicker
> Priority: Major
>
> Log4j 1 had a JDBC appender which made it fairly simple to set up an appender
> to a database. While the old version doesn't work properly with modern
> security practices, it shouldn't be too hard to parse the configured SQL
> statement for pattern layout keys and extract them into a parameterized query.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
