Currently, enabling access logging for Hot Rod and REST via log4j2.xml by setting the level to TRACE has different behaviors:

<!-- Hot Rod access log -->
<Logger name="org.infinispan.HOTROD_ACCESS_LOG" additivity="false" level="INFO">
<AppenderRef ref="HR-ACCESS-FILE"/>
</Logger>

<!-- REST access log -->
<Logger name="org.infinispan.REST_ACCESS_LOG" additivity="false" level="INFO">
<AppenderRef ref="REST-ACCESS-FILE"/>
</Logger>

REST access log records both successful and failed requests, including unauthorized attempts (401).

127.0.0.1 - [02/Sep/2025:11:50:16 +0200] "GET /rest/v2/server HTTP/1.1" 401 0 0 0
127.0.0.1 - [02/Sep/2025:11:50:57 +0200] "GET /rest/v2/server HTTP/1.1" 401 0 0 1

Hot Rod access log, instead, records only successful requests.

127.0.0.1 - [02/Sep/2025:12:55:16 +0200] "PING // HOTROD/3.1" OK 162 123 1
127.0.0.1 - [02/Sep/2025:12:55:16 +0200] "PING // HOTROD/3.1" OK 14 123 0

Customers cannot see failed Hot Rod connection attempts (due to invalid credentials).

In environments with many clients, it becomes impossible to identify which clients are failing authentication, since their IPs are not logged.

This is inconsistent with REST access logging and reduces observability.

By making Hot Rod access logs include also failed authentication attemps as in the REST access logs allows admins to identify misconfigured or unauthorized clients by their IP addresses.