diff --git a/ansible/roles/cassandra/tasks/main.yml b/ansible/roles/cassandra/tasks/main.yml
index 0dd472565c6c85459523ff7fbd5044513a0d9df7..9f3af6637f27a9b997563149ff0bf919c7393d0f 100755
--- a/ansible/roles/cassandra/tasks/main.yml
+++ b/ansible/roles/cassandra/tasks/main.yml
@@ -79,6 +79,24 @@
delay: 10
sleep: 5
+- name: Make sure systemd destination dir exists
+ file:
+ path: "/etc/systemd/system/cassandra.service.d"
+ state: directory
+ mode: "755"
+
+- name: Copy specific cassandra Systemd config file
+ template:
+ src: "override.conf.j2"
+ dest: "/etc/systemd/system/cassandra.service.d/override.conf"
+ owner: root
+ group: cassandra
+ mode: "644"
+ force: yes
+
+- name: Force systemd to reread configs
+ systemd: daemon_reload=yes
+
- name: Restart Cassandra seeds
service:
name: cassandra
diff --git a/ansible/roles/cassandra/templates/override.conf.j2 b/ansible/roles/cassandra/templates/override.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..8e17e595474d433285431c7fc34a59b4e1c94d18
--- /dev/null
+++ b/ansible/roles/cassandra/templates/override.conf.j2
@@ -0,0 +1,2 @@
+[Service]
+Environment="_JAVA_OPTIONS='-Dlog4j2.formatMsgNoLookups=true'"
diff --git a/ansible/roles/es6/templates/systemd/elasticsearch.j2 b/ansible/roles/es6/templates/systemd/elasticsearch.j2
index 8bd5545c020d82c3c2b205df5595fbf6e545b508..1c32b1f5a38298590a90ead3aa6e566ea0ca6919 100644
--- a/ansible/roles/es6/templates/systemd/elasticsearch.j2
+++ b/ansible/roles/es6/templates/systemd/elasticsearch.j2
@@ -5,6 +5,7 @@ Wants=network-online.target
After=network-online.target
[Service]
+Environment="_JAVA_OPTIONS='-Dlog4j2.formatMsgNoLookups=true'"
Environment=ES_HOME={{es_home}}
Environment=CONF_DIR={{conf_dir}}
Environment=ES_PATH_CONF={{conf_dir}}
diff --git a/ansible/roles/graylog/tasks/server.yml b/ansible/roles/graylog/tasks/server.yml
index 4c6425ef57f29eb3a9b7b9593c7ba90b347fdb84..ee1a0315c3637edd5aa7bfd852ec723df72874bb 100644
--- a/ansible/roles/graylog/tasks/server.yml
+++ b/ansible/roles/graylog/tasks/server.yml
@@ -40,6 +40,15 @@
mode: 0644
notify: "restart graylog-server"
+- name: "Add log4j env to service file"
+ lineinfile:
+ path: /usr/lib/systemd/system/graylog-server.service
+ insertafter: \[Service]
+ line: "Environment=\"_JAVA_OPTIONS='-Dlog4j2.formatMsgNoLookups=true'\""
+ firstmatch: yes
+ state: present
+ notify: "restart graylog-server"
+
- name: "Graylog server should start after reboot"
file:
path: "/etc/init/graylog-server.override"
diff --git a/ansible/roles/graylog/templates/mongodb.service-Debian.j2 b/ansible/roles/graylog/templates/mongodb.service-Debian.j2
index 5a726a1faefc5447d330c717234e6bac0de7c337..a6d046c1887046b05744fc04212202c34122a649 100644
--- a/ansible/roles/graylog/templates/mongodb.service-Debian.j2
+++ b/ansible/roles/graylog/templates/mongodb.service-Debian.j2
@@ -4,6 +4,7 @@ After=network.target
Documentation=https://docs.mongodb.org/manual
[Service]
+Environment="_JAVA_OPTIONS='-Dlog4j2.formatMsgNoLookups=true'"
User=mongodb
Group=mongodb
ExecStart=/usr/bin/mongod --quiet --config /etc/mongod.conf
diff --git a/ansible/roles/graylog/templates/mongodb.service-RedHat.j2 b/ansible/roles/graylog/templates/mongodb.service-RedHat.j2
index 77dd929862cea6f48cc2f40cb0fd15cbc3841309..cb31dd5240292d89f977bec853339bc60b34aedd 100644
--- a/ansible/roles/graylog/templates/mongodb.service-RedHat.j2
+++ b/ansible/roles/graylog/templates/mongodb.service-RedHat.j2
@@ -4,6 +4,7 @@ After=network.target
Documentation=https://docs.mongodb.org/manual
[Service]
+Environment="_JAVA_OPTIONS='-Dlog4j2.formatMsgNoLookups=true'"
User=mongod
Group=mongod
Environment="OPTIONS=-f /etc/mongod.conf"
diff --git a/ansible/roles/keycloak-provision/templates/keycloak-service.j2 b/ansible/roles/keycloak-provision/templates/keycloak-service.j2
index a9fe45759aa94cfa61b0542e383f1d026a86901e..d6124ede81614a1b81d32c44b4ed9b75b19302c6 100644
--- a/ansible/roles/keycloak-provision/templates/keycloak-service.j2
+++ b/ansible/roles/keycloak-provision/templates/keycloak-service.j2
@@ -11,7 +11,7 @@
keycloakuser=keycloak
keycloakpath=/opt/keycloak/bin
-
+_JAVA_OPTIONS='-Dlog4j2.formatMsgNoLookups=true'
# Normal output log
LOGOUT=/var/log/keycloak.out.log
# Error output log
diff --git a/ansible/roles/log-es6/files/systemd/elasticsearch_override.conf b/ansible/roles/log-es6/files/systemd/elasticsearch_override.conf
index bf0220364cc027fdfa5c31623c6fc2c264432420..b7649bfaa379accca94049ea772d6375f7a2a5d6 100644
--- a/ansible/roles/log-es6/files/systemd/elasticsearch_override.conf
+++ b/ansible/roles/log-es6/files/systemd/elasticsearch_override.conf
@@ -1,2 +1,3 @@
[Service]
+Environment="_JAVA_OPTIONS='-Dlog4j2.formatMsgNoLookups=true'"
LimitMEMLOCK=infinity
diff --git a/ansible/roles/log-es6/tasks/elasticsearch-config.yml b/ansible/roles/log-es6/tasks/elasticsearch-config.yml
index 36d928b3a9f7d79ff437e6153f4d41d8b5859796..d8a51d2798b97cdd65e41e2fc478f73369743a01 100644
--- a/ansible/roles/log-es6/tasks/elasticsearch-config.yml
+++ b/ansible/roles/log-es6/tasks/elasticsearch-config.yml
@@ -103,3 +103,13 @@
force: yes
notify: restart elasticsearch
when: es_config_log4j2 != ''
+
+- name: Add log4j env to service file
+ become: yes
+ lineinfile:
+ path: /usr/lib/systemd/system/elasticsearch.service
+ insertafter: \[Service]
+ line: "Environment=\"_JAVA_OPTIONS='-Dlog4j2.formatMsgNoLookups=true'\""
+ firstmatch: yes
+ state: present
+ notify: restart elasticsearch
diff --git a/ansible/roles/log-es6/templates/elasticsearch.j2 b/ansible/roles/log-es6/templates/elasticsearch.j2
index 4e64f3886b4ec29d2d5a1257fe9344a86e3ec08b..bf2b876f3a460e1ce45b8caab6446bf3e0eb9a14 100644
--- a/ansible/roles/log-es6/templates/elasticsearch.j2
+++ b/ansible/roles/log-es6/templates/elasticsearch.j2
@@ -8,6 +8,8 @@ ES_HOME={{es_home}}
# Elasticsearch temp directory
ES_TMPDIR={{ es_tmp_dir }}
+_JAVA_OPTIONS='-Dlog4j2.formatMsgNoLookups=true'
+
# Elasticsearch Java path
{% if es_java_home | length > 0 %}
ES_JAVA_HOME={{ es_java_home }}
diff --git a/ansible/roles/log-es6/templates/override.conf.j2 b/ansible/roles/log-es6/templates/override.conf.j2
index 38aab167da56aa6799a09cc32538952ede744347..af918b4dbca01f2b1bdb04d02e0f9aec4caa99f1 100644
--- a/ansible/roles/log-es6/templates/override.conf.j2
+++ b/ansible/roles/log-es6/templates/override.conf.j2
@@ -1,7 +1,8 @@
[Service]
+Environment="_JAVA_OPTIONS='-Dlog4j2.formatMsgNoLookups=true'"
{% if m_lock_enabled %}
LimitMEMLOCK = infinity
{% endif %}
{% if es_max_open_files is defined %}
LimitNOFILE = {{ es_max_open_files }}
-{% endif %}
\ No newline at end of file
+{% endif %}
diff --git a/ansible/roles/logstash/templates/logstash.service.j2 b/ansible/roles/logstash/templates/logstash.service.j2
index 2438bd78ad000b003ba90c67377fa1c03860d757..fa46eddc16d942d2ee48cb8d0bc48e1caa1dcd18 100644
--- a/ansible/roles/logstash/templates/logstash.service.j2
+++ b/ansible/roles/logstash/templates/logstash.service.j2
@@ -2,6 +2,7 @@
Description=logstash Daemon
[Service]
+Environment="_JAVA_OPTIONS='-Dlog4j2.formatMsgNoLookups=true'"
Type=simple
User={{learner_user}}
Group={{learner_user}}
diff --git a/ansible/roles/mongodb-cluster/templates/mongodb.service.j2 b/ansible/roles/mongodb-cluster/templates/mongodb.service.j2
index 61eb82c4c256e3e615ea3da572cbf682edf10b06..ded1ab1932e957fc97b00764c04b2cef0667053c 100644
--- a/ansible/roles/mongodb-cluster/templates/mongodb.service.j2
+++ b/ansible/roles/mongodb-cluster/templates/mongodb.service.j2
@@ -5,6 +5,7 @@ Documentation=man:mongod(1)
After=network-online.target
[Service]
+Environment="_JAVA_OPTIONS='-Dlog4j2.formatMsgNoLookups=true'"
User={{ mongodb_user }}
{% if mongodb_use_numa | bool %}
ExecStart=/usr/bin/numactl --interleave=all /usr/bin/mongod --config /etc/mongod.conf