To fix security issues with older Log4j libraries, follow these steps in order to update them to a new version. Important: this will update the Log4j versions of the jobs being build by Talend Open Studio (TOS), but not the underlying Log4j libraries used by TOS itself. I.e. running and debugging jobs within TOS itself, will still be based on the original Log4j libraries shipped with TOS.

Steps to follow

The following steps have been tested to work for Talend Open Studio 8 for Data Integration (TOSDI8).

Step 1 – enable Log4j v2

Open your Talend job in the Open Studio. From the toolbar click the “Project settings” button

In the Project Settings dialog select Log4j in the left side. Make sure the “Log4j version” is selected as “log4j2”

Click “Apply and Close”

Step 2 – download updated Log4j jar files from Maven Central

The updated jar files can be downloaded from

The following are the direct links to the 2.17.2 version being the latest as of writing.

Step 3 – point modules to the new jar files

From inside Talend Open Studio select menu “Windows->Show view…->Modules” and select Open

In the search bar enter “2.12.1” (this is the current version used by Talend, if a different version is used start out determining what version – e.g. search by log4j first).

For each of the installed Log4j libraries (marked in red on the above picture) in turn click the right side “…” button and select the new updated jar having the similar name. You will need to click the “Detect the module install status” (2) to enable the OK button.

Repeat the above steps for all of the marked libraries – be careful to select the correct corresponding downloaded jar for each!!

Step 4 – build your job and verify that libaries have been updated

Now build your Talend Job, see this topic for additional information about how to execute Talend jobs from a macro in ROB-EX Scheduler. Verify that the “lib” folder of the compiled job now contains the new updated Log4j jar files, see picture below.


Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment