This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 27%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVK%3C/text%3E%3C/svg%3E)
Use-case: Running Spark job in Databricks and monitoring logs in LogAnalytics.
Issue: In Veracode report, I am getting security vulnerabilities(CRLF) with Slf4j logger.
I am looking for other approaches, with Log4j2 I don't see any issues.
Now my question is, I want to integrate LogAnalytics with Log4j2, is that possible in my case?
@vikas katru Thank you for reaching out
Hope the above information helps. Please review the information and circle back if you have any further queries. Thank you
Thanks @bharathn-msft , I tried the same approach you mentioned for Monitoring Azure Databricks in an Azure Log Analytics.
The problem is they are using Log4j 1.x in spark-listeners-loganalytics, and I am facing some security issues in Veracode report because of Log4j 1.x.
So is there any way I can use Log4j 2.x in the same approach? like creating log-analytics.properties file that supports log4j 2.x and use log4j 2.x in spark-listeners instead of log4j 1.x
@vikas katru Thank you for sharing additional information, I am circling back with our internal teams to understand if there is any limitation around using Log4j 2.x. Will keep you updated as I get more information.
@vikas katru Apologies for the delayed response on this , still working through with our internal teams to get a response for your query. Will keep you updated as we get more information. Thank you.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 15%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETK%3C/text%3E%3C/svg%3E)
We are also interested in using log4j 2.x. Do you have any updated status on this?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(240, 77%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EOA%3C/text%3E%3C/svg%3E)
I am working to locate the relevant owners of the libraries, but for faster response, I would suggest to log a question/issue to the library repo - https://github.com/mspnp/spark-monitoring