Last updated by grandfatha 5 years ago

Runtime Logging (log4j) Plugin

This plugin allows you to easily control log4j logging at runtime, using a simple GUI interface, without the need to restart your application.

NOTE: This is still an alpha release, and should be treated as such. Specifically, beware of releasing it into production as-is, because there is currently no authentication/protection around the function. But see the "Authentication" section below.

Plugin features:

  • Simple GUI interface for controlling log4j settings
  • Dynamically change log4j settings without need to restart
  • Separately control common parts of the application such as Controllers, Services, SQL etc.
  • Uses intuitive names like "SQL", "Services", "Controllers" (rather than class names) to make it easier for newbies.
  • Displays the equivalent closure to add to Config.groovy to get the same effect permanently
The plugin provides a simple GSP/Controller which lets you pick a common part of the application (e.g. "Controllers", "Services", "SQL") and the desired logging level ("DEBUG","ERROR" etc) on-screen.

Full source code is included in the plugin.


grails install-plugin runtime-logging

Alternatively download the latest grails-runtime-logging.jar from and then:

grails install-plugin /path-to/grails-runtime-logging-xx.jar

After install test it by going to this page:


Try setting "SQL" to "DEBUG" and click Submit. All SQL statements should now be logged. You will also see some "Groovy Equivalent" code - cut/paste this into Config.groovy to achieve the same effect permanently.


The plugin comes with no authentication or security out-of-the-box. Do not use it in production as-is because anyone could switch on logging to maximum and eat all your disk space and probably crash the server.

However, you can easily protect it yourself by adding a filter that checks for valid users before allowing access to any functions in the LoggingController:

class MyFilters 
  def filters =
      before =
        if(!session.user?.isAdmin()) // Define your own isAdmin() logic
          render "You Are Not Authorised"
          return false;

return true; } } } }

Authentication with the Acegi/Spring-Security Plugin

When using the Acegi/Spring-Security Plugin, it is very easy to secure the plugin. Just update your SecurityConfig.groovy with the URL path where the runtime-logging-plugin will display its content. If you use database-driven requestmaps, then you need to add a new record for the runtimeLogging URL there. In that case there is no need to update the SeurityConfig.groovy, but you should e.g. add a new record inside Bootstrap.groovy (new RequestMap(.....).save() ).The following sample assumes that you have a role named "ROLE_ADMIN" defined:

requestMapString = """

[...] /runtimelogging/**=ROLE_ADMIN [...] """

Not only will this enforce authentication on the URL, it will also disallow access to the URL to any user that does not have the ROLE_ADMIN authorities.

Note: You need to write "runtimelogging" although you will see "runtimeLogging" in your browser. If you use the capital letter "L", Spring-Security will complain because you then used an uppercase despite the first line ("LOWERCASE_BEFORE_COMPARISON") in the requestmap String.

Future plans

  • Add to official SVN repository
  • Add authentication
  • Display equivalent code that can be cut/paste into Config.groovy to achieve the same effect permanently.
  • Add configuration to allow user-controlled categories
  • Add environment-specific config so function can be enabled/disabled for production

Release Notes

v.0.3: Changes submitted by Brad Whitaker add dynamic selectors to allow more granular control of each Controller/Domain/Service present in the application.