Skip to main content

Apache Log4j Tutorial: Everything You Need to Know

By

Logging is one of those things you don’t think much about—until something breaks. Then, suddenly, logs are your best friend. If you’ve worked on Java applications, you’ve probably heard of Apache Log4j. But what exactly is it, and why does it matter?

Apache Log4j Tutorial

Maybe you’ve struggled with messy log files, had trouble debugging an issue in production, or heard about Log4Shell, the security vulnerability that shook the internet. Whatever the case, this tutorial will walk you through Apache Log4j—from installation to best practices—so you can log like a pro.

Let’s dive in.

Check out my article on Apache Camel Tutorial with Spring Boot


What is Apache Log4j?

Apache Log4j is a Java-based logging library used to track application activity. Instead of using System.out.println() all over your code (which gets messy fast), Log4j gives you a structured way to log messages, filter them, and control where they go (console, files, databases, etc.).

But here’s what makes Log4j special:

Customizable Logging Levels – Not every message is equally important. Log4j lets you categorize logs as DEBUG, INFO, WARN, ERROR, and FATAL.
Flexible Output – Send logs to the console, a file, or even remote servers.
Performance-Optimized – Unlike basic print statements, Log4j is built for high-performance applications.
Widely Used – Many enterprise applications rely on it, meaning you’re learning an industry-standard tool.

If you're new to Java, you can read our tutorial on Java: A Complete Overview for Beginners

How to Install Apache Log4j

To start using Log4j, you need to add it to your Java project. The best way? Maven or Gradle.

Using Maven

Add this to your pom.xml:

<dependencies>
    <dependency>
        <groupId>org.apache.logging.log4j</groupId>
        <artifactId>log4j-core</artifactId>
        <version>2.17.1</version>
    </dependency>
</dependencies>

Using Gradle

Add this to build.gradle:

dependencies {
    implementation 'org.apache.logging.log4j:log4j-core:2.17.1'
}

Once you add the dependency, your project is ready to use Log4j.

Basic Log4j Setup

To use Log4j, you need a configuration file. This file tells Log4j where to send logs, what format to use, and which messages to log.

Creating a Simple Log4j Configuration

Create a file named log4j2.xml inside your resources folder and add this:

<?xml version="1.0" encoding="UTF-8"?>
<Configuration status="WARN">
    <Appenders>
        <Console name="Console" target="SYSTEM_OUT">
            <PatternLayout pattern="%d{yyyy-MM-dd HH:mm:ss} [%t] %-5level %logger{36} - %msg%n" />
        </Console>
    </Appenders>
    <Loggers>
        <Root level="info">
            <AppenderRef ref="Console" />
        </Root>
    </Loggers>
</Configuration>

What’s happening here?

  • We define a Console appender to send logs to the console.
  • The PatternLayout formats logs with a timestamp, thread, log level, logger name, and message.
  • We set the default log level to INFO, meaning only INFO, WARN, ERROR, and FATAL messages will appear.

Writing Logs in Java

With Log4j configured, let’s write some logs.

Basic Logging Example

import org.apache.logging.log4j.Logger;
import org.apache.logging.log4j.LogManager;

public class LogExample {
    private static final Logger logger = LogManager.getLogger(LogExample.class);

    public static void main(String[] args) {
        logger.debug("This is a debug message.");
        logger.info("This is an info message.");
        logger.warn("This is a warning message.");
        logger.error("This is an error message.");
        logger.fatal("This is a fatal message.");
    }
}

Run this, and you’ll see something like:

2025-02-13 10:45:12 [main] INFO  LogExample - This is an info message.
2025-02-13 10:45:12 [main] WARN  LogExample - This is a warning message.
2025-02-13 10:45:12 [main] ERROR LogExample - This is an error message.
2025-02-13 10:45:12 [main] FATAL LogExample - This is a fatal message.

Notice how DEBUG messages aren’t displayed? That’s because we set the log level to INFO in log4j2.xml. If you want debug messages, change <Root level="info"> to <Root level="debug"> in the config file.

Advanced Features of Log4j

Once you have the basics down, Log4j offers powerful features to make logging even better.

1. Writing Logs to a File

Instead of printing logs to the console, you can write them to a file. Modify your log4j2.xml:

<Appenders>
    <File name="FileLogger" fileName="logs/app.log">
        <PatternLayout pattern="%d{yyyy-MM-dd HH:mm:ss} [%t] %-5level %logger{36} - %msg%n" />
    </File>
</Appenders>
<Loggers>
    <Root level="info">
        <AppenderRef ref="FileLogger" />
    </Root>
</Loggers>

Now, logs will be stored in logs/app.log.

2. Rolling Log Files

If you don’t want logs to grow endlessly, use rolling files:

<RollingFile name="RollingFileLogger" fileName="logs/app.log"
             filePattern="logs/app-%d{yyyy-MM-dd}.log.gz">
    <PatternLayout pattern="%d{yyyy-MM-dd HH:mm:ss} [%t] %-5level %logger{36} - %msg%n" />
    <Policies>
        <TimeBasedTriggeringPolicy />
    </Policies>
</RollingFile>

This creates a new log file every day and compresses old logs.

Common Log4j Mistakes & How to Avoid Them

1. Logging Sensitive Information

Never log passwords, API keys, or personal user data. If logs get leaked, that’s a security disaster.

2. Not Setting the Right Log Level

Don’t log everything as INFO. Too much noise makes logs useless. Use DEBUG for development, INFO for normal operations, and ERROR for failures.

3. Ignoring Log Rotation

If you don’t rotate logs, they’ll grow indefinitely and eat up disk space. Always configure rolling logs.

Apache Log4j Security Warning: Log4Shell

In December 2021, a vulnerability called Log4Shell (CVE-2021-44228) made headlines. It allowed attackers to execute malicious code remotely just by logging a specially crafted string.

How to Protect Your Application

Use Log4j 2.17.1 or later (older versions are vulnerable).
Disable message lookup by setting:

log4j2.formatMsgNoLookups=true

Use a firewall to block exploit attempts.

Always keep Log4j updated to the latest version to stay safe.

Final Thoughts

Apache Log4j is a powerful tool for handling logs in Java applications. With a few lines of configuration, you can structure logs, control their flow, and keep your applications running smoothly.

Have you used Log4j before? What challenges did you face? Drop a comment below—I’d love to hear your thoughts! 🚀

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

Tips for Landing Tech Jobs and Acing Interviews

By
The tech industry is one of the fastest-growing and highest-paying fields today. Whether you’re a developer, data analyst, cybersecurity specialist, or UI/UX designer, there are plenty of opportunities. But with so many skilled candidates competing for the same roles, simply having technical knowledge isn’t enough. You need a strategy to stand out, showcase your skills, and navigate the hiring process with confidence. Breaking into tech or advancing your career requires more than just knowing how to code.  Companies look for professionals who can problem-solve, communicate effectively, and adapt to new technologies. To help you land that dream job and excel in interviews, here are practical steps you can take: Check out our  article on  How To Start Freelancing in Tech Building a strong technical foundation is essential. If you’re new to tech, start by mastering the fundamentals. For software engineering roles, focus on languages like Python, JavaScript, or Java. If yo...
Post a Comment
Read more

How to Enable USB Debugging on Oculus Quest 2

By
  The Oculus Quest 2 is a powerful VR headset that offers endless possibilities, from gaming to app development. However, to unlock its full potential, you’ll need to enable   USB debugging   and   Developer Mode . Whether you’re a developer looking to sideload apps or a user troubleshooting your device, this guide will walk you through the process step by step. In this post, we’ll cover: How to enable USB debugging on Oculus Quest 2. How to activate Developer Mode. How to access Oculus debug tools. Troubleshooting tips for common issues. Let’s dive in! What is USB Debugging and Why Enable It? USB debugging is a feature that allows your Oculus Quest 2 to communicate with a computer via a USB connection. This is essential for: Sideloading apps : Installing apps from third-party sources like SideQuest. App development : Testing and debugging VR applications. Troubleshooting : Diagnosing and fixing device issues. Enabling USB debugging requires activating  Deve...
Post a Comment
Read more

Frontend and Backend Integration with RESTful APIs in Python and Django

By
Frontend and Backend Integration with RESTful APIs in Python and Django Integrating frontend and backend systems is a very important skill for web developers. It enables seamless data flow and dynamic interactions on modern websites. This tutorial focuses on using RESTful APIs for frontend-backend integration in Python and Django , breaking down important steps to help beginners and intermediate developers create smooth, efficient communication between the frontend and backend. What is Frontend-Backend Integration? Frontend-backend integration involves creating a bridge between the part of a web application users see and interact with ( the frontend)  and the part that handles data processing, logic, and storage ( the backend).   The frontend sends data requests to the backend,...
Post a Comment
Read more

Coding Programs for Kids

By
In today’s digital age, learning to code is becoming as fundamental as reading and writing. Coding programs for kids are designed to make programming fun, interactive, and accessible, helping children develop critical skills that are essential for the future workforce. This guide will take you through the ins and outs of coding programs for kids, the best platforms to get started, and how coding can benefit children of all ages. What is coding for kids? Coding for kids involves teaching programming concepts through simplified platforms and languages designed to be user-friendly for young learners. From creating simple games to building animations, kids as young as three years old can start engaging in coding activities. The growing availability of coding programs for kids makes it easier for parents and educators to provide children with the tools to learn this valuable skill. These platforms range from drag-and-drop interfaces that require no prior experience to more complex languages...
Post a Comment
Read more

Understanding Object-oriented programming

By
Object-Oriented Programming (OOP) is one of the most widely used paradigms in modern programming. It revolves around the concept of organizing code into objects that represent real-world entities. By structuring code through classes, objects, inheritance, polymorphism, and encapsulation, OOP allows for more organized, reusable, and scalable software development. What is Object-Oriented Programming? Object-Oriented Programming (OOP) is a programming paradigm centered on the use of objects and classes . Unlike procedural programming, which relies on a step-by-step approach, OOP models software based on entities or objects that interact with each other. Objects are instances of classes, which act as blueprints defining attributes and behaviors. At its core, OOP seeks to create programs that are more modular, making it easier to manage and modify as requirements evolve. Re ad my tutori al blog  article on  A px Java Tutorial The Evolution of Programming Paradigms Before OOP, proc...
Post a Comment
Read more

Hacktoberfest 2024: What You Should Know and What You Should Do

By
As the leaves begin to turn and the air grows crisp, the developer community gears up for one of the most anticipated events of the year: Hacktoberfest . Whether you're a seasoned open-source contributor or someone new to coding, Hacktoberfest is an excellent opportunity to sharpen your skills, contribute to meaningful projects, and connect with a global community of developers. With just over a month to go before Hacktoberfest 2024 kicks off, now is the perfect time to get prepared. In this post, we'll dive into everything you need to know about Hacktoberfest and offer actionable steps on how to make the most out of the event. What is Hacktoberfest? Hacktoberfest, initiated by DigitalOcean in 2014, is an annual event that encourages developers around the world to contribute to open-source projects. It takes place every October, with the primary goal of promoting open-source contributions and giving back to the developer community. Participants are challenged to submit a minimu...
Post a Comment
Read more

Front End Web Developer Average Salary

By
 Embarking on a career as a front-end web developer is an exciting journey, blending creativity with technical prowess. One of the pivotal questions aspiring developers often ponder is: What is the average salary for a front-end web developer? Let's delve into this topic, addressing common concerns and providing a comprehensive overview. For more insights on advancing your career as a front-end developer, check out our comprehensive guide on  how to land a front-end web developer job . Understanding the Role of a Front-End Web Developer A front-end web developer is responsible for designing and implementing the visual and interactive aspects of a website—the parts users directly engage with. This includes: Layout and Design : Crafting the structure and appearance of web pages. User Interface (UI) Elements : developing buttons, menus, and other interactive components. Responsive Design : Ensuring websites function seamlessly across various devices and screen sizes. Proficiency...
Post a Comment
Read more

Visual Web Developer

By
Embarking on the journey to become a visual web developer is both exciting and rewarding. Whether you're just starting out or looking to enhance your existing skills, understanding the nuances of this role can set you on the path to success. In this comprehensive guide, we'll address common questions, share personal insights, and provide practical advice to help you thrive in the world of visual web development. What is a Visual Web Developer? A visual web developer focuses on creating the visual aspects of websites, ensuring they are both aesthetically pleasing and user-friendly. This role combines design principles with coding skills to build interactive and responsive web pages. Unlike traditional web developers, who may focus solely on functionality, visual web developers prioritize the look and feel of a site, working closely with designers and UX professionals to bring concepts to life. Common Questions and Concerns 1. Do I Need a Design Background to Become a Visual Web...
Post a Comment
Read more

AWS SQS Tutorial for Java Developers

By
If you're a Java developer looking to build scalable, decoupled applications, Amazon Web Services (AWS) Simple Queue Service (SQS) is a tool you’ll want to master. But let’s be honest—getting started with AWS SQS can feel overwhelming, especially if you're new to cloud services or messaging systems. You might be wondering: How does SQS work, and why should I use it? What’s the best way to integrate SQS with my Java application? Are there any common pitfalls I should avoid? Don’t worry—I’ve been there too. When I first started working with SQS, I spent hours sifting through documentation and experimenting with code. That’s why I’ve put together this AWS SQS tutorial for Java developers. By the end of this guide, you’ll have a solid understanding of how to use SQS in your Java projects, along with practical examples and tips to make your life easier. If you’re new to Java or want to sharpen your skills, check out this: The Best Online Java Courses for Beginners What is AWS SQS, a...
Post a Comment
Read more

Django for Beginners: A Complete Guide to Building Your First Web App

By
Django is one of the most popular frameworks for building web applications in Python. If you're a beginner interested in creating your first web app, Django offers a powerful and easy-to-use framework that will get you up and running in no time. In this comprehensive guide, we’ll take you through everything you need to know to build your first Django web app from scratch. Whether you’re new to Django, Python, or web development in general, this tutorial will guide you through the basics while highlighting essential tools and techniques. We'll also cover key concepts like Django ORM, Django admin, Django REST framework (DRF), and integration with Docker, PostgreSQL, and more. What is Django? Django is a high-level Python web framework that encourages rapid development and clean, pragmatic design. It was created to make web development more manageable and scalable, allowing developers to focus on writing their apps rather than reinventing the wheel. With Django, you get sever...
Post a Comment
Read more