Using Log4j with cloud-based observability platforms like AWS CloudWatch in Java projects

18 Sep 2023

log4j

As developers, logging is an essential part of our application development process. It helps us track errors, monitor performance, and gain insights into our application’s behavior. Log4j is a powerful logging framework for Java applications that allows us to control the logging behavior dynamically.

In this blog post, we will explore how to integrate Log4j with AWS CloudWatch, a cloud-based observability platform, to centralize our logs and gain better visibility into our Java projects.

Prerequisites

Java Development Kit (JDK) installed
Log4j dependency added to your Java project
AWS account with access to CloudWatch

Step 1: Configure Log4j

The first step is to configure Log4j to send logs to CloudWatch. We need to add the Log4j CloudWatch appender to our log4j.properties or log4j.xml configuration file.

Using `log4j.properties`:

log4j.rootLogger=INFO, cloudwatch

log4j.appender.cloudwatch=com.amazonaws.services.logs.log4j.CloudWatchAppender
log4j.appender.cloudwatch.layout=org.apache.log4j.PatternLayout
log4j.appender.cloudwatch.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n

log4j.appender.cloudwatch.awsAccessKeyId={YOUR_AWS_ACCESS_KEY}
log4j.appender.cloudwatch.awsSecretKey={YOUR_AWS_SECRET_KEY}
log4j.appender.cloudwatch.logGroup={YOUR_LOG_GROUP_NAME}
log4j.appender.cloudwatch.logStream={YOUR_LOG_STREAM_NAME}

Replace {YOUR_AWS_ACCESS_KEY}, {YOUR_AWS_SECRET_KEY}, {YOUR_LOG_GROUP_NAME}, and {YOUR_LOG_STREAM_NAME} with your AWS credentials and desired log group and stream names.

Using `log4j.xml`:

<appender name="cloudwatch" class="com.amazonaws.services.logs.log4j.CloudWatchAppender">
    <layout class="org.apache.log4j.PatternLayout">
        <param name="ConversionPattern" value="%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n" />
    </layout>
    <property name="awsAccessKeyId" value="{YOUR_AWS_ACCESS_KEY}" />
    <property name="awsSecretKey" value="{YOUR_AWS_SECRET_KEY}" />
    <property name="logGroup" value="{YOUR_LOG_GROUP_NAME}" />
    <property name="logStream" value="{YOUR_LOG_STREAM_NAME}" />
</appender>
<root>
    <level value="INFO" />
    <appender-ref ref="cloudwatch" />
</root>

Again, replace {YOUR_AWS_ACCESS_KEY}, {YOUR_AWS_SECRET_KEY}, {YOUR_LOG_GROUP_NAME}, and {YOUR_LOG_STREAM_NAME} with your AWS credentials and desired log group and stream names.

Step 2: Set Up AWS Credentials

To connect to AWS CloudWatch, we need to provide our AWS access key and secret key. You can pass them programmatically or use environment variables, system properties, or the AWS CLI.

For example, you can set the access key and secret key as environment variables:

export AWS_ACCESS_KEY_ID={YOUR_AWS_ACCESS_KEY}
export AWS_SECRET_ACCESS_KEY={YOUR_AWS_SECRET_KEY}

Step 3: Publish Logs to CloudWatch

With Log4j and AWS credentials set up, you can now start publishing logs to CloudWatch. Log events will be sent to the specified log group and log stream. You can view and analyze them in the AWS CloudWatch console.

import org.apache.log4j.Logger;

public class MyClass {
    private static final Logger logger = Logger.getLogger(MyClass.class);

    public static void main(String[] args) {
        // Log messages using Log4j
        logger.info("This is an informational log message");
        logger.error("This is an error log message");
    }
}

In the above example, we’ve defined a Logger instance and then used it to log messages with different log levels (info and error).

Conclusion

Integrating Log4j with AWS CloudWatch allows us to centralize and monitor logs from our Java projects. By following the steps outlined in this blog post, you can configure Log4j to send logs to CloudWatch and gain better visibility into your application’s behavior.

Remember to secure your AWS access and secret keys and follow best practices to ensure proper access control to your CloudWatch resources.

#log4j #AWS