如何防止使用logback进行日志轰炸? [英] How to prevent log bombing using logback?
问题描述
我不确定轰炸"一词是否正确.轰炸是指日志以相同的内容(消息和参数)多次发生.
I'm not sure the term "bombing" is the right one. By bombing, I mean a log happening many times with the same content (message and args).
例如,拒绝服务附加可能会导致日志警告,表明未经身份验证的用户正在尝试访问某些API.日志:
For example, a denial of service attach might cause a log warning that an unauthenticated user is trying to access some API. log:
[03-29 11:26:01.000] missing token
[03-29 11:26:01.001] missing token
[03-29 11:26:01.005] missing token
... overall 100000 times
我要解决的问题是防止日志过大.大小是个问题.另外,由于重复消息的数量过多,可能看不到其他重要消息.
The problem I'm trying to tackle is preventing the log from being very large. Size is a problem. Also, other important messages might not be seen because of the overwhelming number of the repeating message.
我希望能够防止此类日志爆炸,并提供一些汇总消息,例如:
I'd like to be able to prevent such a log bombing and have some aggregated message like:
[03-29 11:26:01.000] missing token
[03-29 11:26:06.000] missing token [silenced. Overall 100000 times]
所以,我在这里寻找2个功能:
So, I'm looking for 2 features here:
- 使日志重复太长.
- 显示沉寂日志的小结.
是否知道是否可以使用logback以及如何使用logback??也许其他日志记录工具可以支持此操作?谢谢.
Any idea if and how this can be done using logback? Perhaps another logging tool can support this? Thanks.
推荐答案
allowedRepititions
设置)停止所有重复消息,该阈值可能不可取.如果您希望对新邮件重设重复计数或基于时间.但是,它没有提供静默日志的摘要.
The DuplicateMessageFilter
, which filters out exact duplicate messages, might fit your first requirement. Currently, the filter stops all duplicate messages after a specified threshold (via allowedRepititions
setting), which might not be desirable. You would have to extend the filter if you preferred to have the duplicate-count to reset on new messages or based on time. It does not provide a summary of silenced logs, however.
示例登录配置:
<configuration>
<turboFilter class="ch.qos.logback.classic.turbo.DuplicateMessageFilter" allowedRepetitions="2"/>
<appender name="console" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>%date [%thread] %-5level %logger - %msg%n</pattern>
</encoder>
</appender>
<root level="INFO">
<appender-ref ref="console" />
</root>
</configuration>
这篇关于如何防止使用logback进行日志轰炸?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!