Logback vs SLF4J vs Log4J2 - what is the difference? Java Brains Brain Bytes

"what is the difference?": One of them had a major vulnerability that affected a big part of the internet to be at risk. But I'm not telling which one it is...

Watching this again after the Log4J2 incident. Logging hell gets a different meaning.

How do you come up with so much clarity? The video seems to be short, but the effort you would have spent going through their docs and understanding, then coming up with just the information required in 10mins is tremendous. Respect.

Always pleasure to watch JavaBrains vids☺️ need more of these Java bytes videos where u take up a single thing and explain in around 10 mins..

I came knowing nothing about logging libraries now I know you can have multiple libraries serving your project! Thanks man!

Thanks a lot for making the Video! It cleared up a lot of stuff for me.
Keep up the good work and the content on Spring Boot coming! 😊

Supremely digested, thank you so much! I might add, as well as the other videos. You're making a great contribution to the developer society. Very informative and very ingestible.

Your channel is all what every enterprise Java developer ever needs

Thanks Kaushik sir. Your High quality contents are a boon for us.
Please also make tutorials on design patterns, architecture and React JS

Koushik, you are the best teacher. If anyone asks me where to learn Java or similar stuff from, I recommend you to them.

Thank you so much for your content. I truly appreciate it and you've helped me so much at my job

anyone here because log4j cve?

Good content ! One thing I'd like to add here is SLF4j vs log4j is that placeholder { } in SLF4j reduces lot of string concatenation in the code and also avoids creation of String Object, thereby reducing the memory requirements , and this could be handled by if (LOGGER.isDebugEnabled()) clause in log4j style.

Logging really became a hell with log4J🥴

Hello Kaushik, kudos on the nice presentation.
For your information, log4j predates JDK 1.4 and hence java.util.logging by 3 or 4 years. Thus, the beginning of the presentation where log4j is shown as an improvement upon java.util.logging is historically inaccurate.

Great video! Thank you for this clean explanation.

I was expecting to be confused but you explained this very eloquently. ++subscriberCount;

Very good quality. Thank you!

Great Explanation..😊 love to watch all of your videos..😀

You know what? I don't skip any ads on your channel. That is the simplest thing I could do to appreciate your work. Thank you Kaushik.

that was awesome! thank you.

The quality of the content is amazing. Thanks Kaushik.

Great video as always. Thanks

super super clear. 👍

Excellent !

Explained very well

thank you, very informative :))

wowww dude this cleared a hell lot of stuff.. thanks for this..

Excellent tutorial. Thanks a lot

I want to say something to you Kaushik, I am new to development (less than 1-year experience) currently working with an IT company here in Pakistan as a Java developer, but let me tell you When I get a job in Europe I will surely donate too much money to support your channel. Love for you Kaushik sir! 😄🥰

beautiful thanks❤

Please make ReactJS tutorial videos pleaaseee!!! you are one of the best youtuber teachers out there. Love your content!!

Thanks sir for explaining in detaills

Such an informational video, which is not even covered in paid courses.

very good job, thank you

Myself am a noob in java and I would cry for real if i am asked to
work on logging.Thanks alot man.

Man I love your Intro!!

awesome comparison.

Thank you so much

Logback, SLF4J and Log4j2 are Java logging frameworks. Logback is an implementation with a facade API, SLF4J is a facade for various logging platforms, and Log4j2 provides both a facade API and an implementation. They all aim to provide a standardized API for logging in Java, allowing flexibility in how you choose to actually implement logging.

One of the features I always look for is to change the log level on the fly without restarting the app server. In production, you can keep the log level at severe, but if there is an issue and if you need to turn it to finer level, you cannot do that without restarting the server.
Most of the app servers, use simple JDK, but allows to change log level on the fly. So if you don't need the bells and whistles, stick with OOTB.

sir , please do not forget to include yourself in videos next time . like, in many videos we have seen you interacting with us . make it like that . and i am really thankful to you for you microservices session. also please consider covering these topics too :
"client side load balancing with ribbon, feign rest client, zuul api loggin filter, distributed tracking with zipkin".
i can find these topics covered in youtube but ,the way you explain the things , i understand better.

This channel is just amazing. For me the best source on Java programming on RUclips. Thank you so much.

Helpful

The best explanation ever... #KaushiksNo1Fan

Sir, Please make videos on Mockito and JBehave.

Hi Kaushik
Can you make a video on functional programming relating to Java 8 and Scala

I should also add that both past experience and recent events suggest to me that no one should use log4j2. If you understand the recent security problems you'd have to conclude that the team involved didn't understand that it was a bad idea to (BY DEFAULT) scan log messages looking for special char sequences and then potentially download and execute remote code based on it. This suggests they don't understand basic security or performance concepts, but also that they don't know that most people won't want all kinds of random and obscure features thrown into their production system, where it would take a lengthy read of docs and/or code to even know what you're getting!

That thumbnail though hahahaha

I like how the comment from the creator of these logging frameworks is sitting silent here in the comments section..

9:21 so many tubers forget that the cards don't always show up & don't put the link anywhere else either

I'm from the future, in December 2021 Log4J will, oh god, I've said too much!

Just one question, little bit off the topic related to design(i am learning these days). Why Facade, why not adapter ?

Good video, but I would challenge your assertion that logging is a mess. Keep up the good work

Hi Kaushik,
Can you do a video on vertx api development

nice

Found the answer after a long time

The history part was basically wrong: Java util logging came AFTER log4j.
Basically log4j was the first widely adopted logging framework in Java, and later Java borrowed the idea (hierarchical logger, log level, appender/handler) and make up its own logging framework (java.util.logging)
The part for log4j2 was wrong too: right slf4j was developed as a facade. And logback was developed as a “native” implementation for slf4j almost at the same time slf4j was introduced (they are from the same guy anyway, which is the original author of log4j)
Log4j2 is basically the same: it contains the API part (which is basically what slf4j) and implementation (just like logback). Which means you can use log4j2 API and use slf4j/logback as backend.

King

I think fine is not that FINE the debugger level, but it means the granular logging, which means every single piece of information will be logged when logging level is fine.
It contains more sensitive information's and we normally use it when debug or info level logs are not worth analysis.

Can you do one on OpenJDK?

what the "hell" is this? I love it!

hey kaushik, how did you make such fancy video? what's the tool that you use?

1:30 java comes with logging class, java.util.logging
Logger.getLogger(someClass)
Has log levels:
-info
-severe
-fine
Handlers: how to handle logging requests. Console handler, file handler etc
People didn’t like the default java logger, because developers are little bitches and so logging libraries were created.
3:30 Log4J, has a Logger class like the default logger and log levels:
-info
-debug
-warn
-error
Instead of handlers, log4j has appeasers:
- file appender
- console appender
- rolling file
- jdbc
- smtp
- jms
4:50 to standardize the logging api we have Apache commons logging as well as slf4j. These are called facade libraries, they provide an interface but use other libraries to do the actual logging
6:15 log4j successors
6:30 why use sl4j?
Done thanks

Hi java brains,
I watched your so many tutorials series like spring boot, java and all are so helpful for me.
Thanks bro for all those content.
One request is that can u make spring boot java testing tutorials series like mockito all those stuff,
That would be so helpful 🙂

What we need is to consolidate all the frameworks into one. The authors should get together and merge the best features of each into one. Same with the major frameworks.

Sir make on spring JPA .hibernate and jpa are same?

Pls give a Byte about OAuth bro 🙂

Hi Sir I have question here,
Even if a .class file enters log what that can do, because it will be on log files, how can hackers can execute java from a log file.
May be I'm silly but I got this doubt

I want to know other difference : log4j log4j-over-slf4j slf4j-log4j12

Sir, you did not add the video info in the end. 🙂

Because Java...

How to become good in coding?

SFL4J API or Log4J2 API ?

I think every Java developer has the same confuse

0:30 "Do you have 90 minutes?"

Up vote for speaking truth! Logging Hell!

apparently choice is hell.

Log4j1 was before jul

I have programming for many years and don't know this, I feel like a loser.

rofl

Please use dark background in you presentation 😂

not much useful content