Help
FortiMonitor
FortiMonitor is a holistic, SaaS-based digital experience and network performance monitoring solution which combines monitoring, network incident management, automation, and network configuration management into a single source of truth
gioguinto
Staff
Staff

Created on ‎01-20-2022 03:36 PM

Article Id 203459

Technical tip: Mitigating log4j Vulnerability impact on Elastiflow 4 and 5

Description This article describes the mitigation steps for the Apache log4j Vulnerability's effect on ElastiFlow 4 and 5.
Scope ElastiFlow versions 4 and 5
Solution

To mitigate the vulnerability, perform the following steps:

  1. Create /etc/elasticsearch/jvm.options.d/log4j2.options file with the content:
    -Dlog4j2.formatMsgNoLookups=true

  2. Run systemctl restart elasticsearch to restart Elasticsearch.

  3. If you are using ElastiFlow version 4, run: zip -q -d /opt/elk/logstash-latest/logstash-core/lib/jars/log4j-core-2.* org/apache/logging/log4j/core/lookup/JndiLookup.class

For more information, see this post from Elastic.
Labels:
392
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.