[ https://issues.apache.org/jira/browse/LOG4J2-3417?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17498835#comment-17498835 ]
Gary D. Gregory commented on LOG4J2-3417: ----------------------------------------- Excellent. As long as we do reuse Log4j 2's runtime, we will avoid the risk of SQL injection. > Create JDBC appender for compatibility with v1 > ---------------------------------------------- > > Key: LOG4J2-3417 > URL: https://issues.apache.org/jira/browse/LOG4J2-3417 > Project: Log4j 2 > Issue Type: New Feature > Components: Appenders, Log4j 1.2 bridge > Reporter: Matt Sicker > Priority: Major > > Log4j 1 had a JDBC appender which made it fairly simple to set up an appender > to a database. While the old version doesn't work properly with modern > security practices, it shouldn't be too hard to parse the configured SQL > statement for pattern layout keys and extract them into a parameterized query. -- This message was sent by Atlassian Jira (v8.20.1#820001)