Help
FortiMonitor
FortiMonitor is a holistic, SaaS-based digital experience and network performance monitoring solution which combines monitoring, network incident management, automation, and network configuration management into a single source of truth
gioguinto
Staff
Staff

Created on ‎01-20-2022 03:36 PM

Technical tip: Mitigating log4j Vulnerability impact on Elastiflow 4 and 5

Description This article describes the mitigation steps for the Apache log4j Vulnerability's effect on ElastiFlow 4 and 5.
Scope ElastiFlow versions 4 and 5
Solution

To mitigate the vulnerability, perform the following steps:

  1. Create /etc/elasticsearch/jvm.options.d/log4j2.options file with the content:
    -Dlog4j2.formatMsgNoLookups=true

  2. Run systemctl restart elasticsearch to restart Elasticsearch.

  3. If you are using ElastiFlow version 4, run: zip -q -d /opt/elk/logstash-latest/logstash-core/lib/jars/log4j-core-2.* org/apache/logging/log4j/core/lookup/JndiLookup.class

For more information, see this post from Elastic.
Labels:
95
0 Kudos
Contributors

Contact Us