Security

What are the steps for Log4j update?

VijayA
Explorer

Hi All,

I request to help me with the steps to upgrade log4j to latest version in Splunk On-Prem distributed environment.

 

Labels (1)
Tags (1)
0 Karma

isoutamo
SplunkTrust
SplunkTrust

Hi

you shouldn't update just log4j package under splunk. The correct way is update to whole splunk to the latest version (or at least version which have correct log4j version). Currently only supported Splunk version is 9.x should just update to 9.0.4.1 if possible and this also update your log4j package in splunk to enough new version.

r. Ismo

0 Karma

VijayA
Explorer

Hi,

Thanks for your reply!.

I'm new to Splunk and I haven't done installation and configuration. I tried to get Splunk support account from client but no luck.

I need help on upgrade from Splunk.

Who can help, what is the process to get help from Splunk.

Please advise, it is bit urgent.

Appreciate our help and support! 

 

0 Karma

isoutamo
SplunkTrust
SplunkTrust

There are many answers in community where this process has described. You should also look https://lantern.splunk.com/Splunk_Platform/Product_Tips/Upgrades_and_Migration/Upgrading_the_Splunk_...

Those should help you to do it. If needed you could ask help from some local Splunk Partner or Splunk professional services if needed.

0 Karma

VijayA
Explorer

Hi, I'm trying to understand is it not possible to update only "log4j" in Splunk ?

Is it mandate to upgrade Splunk from old to new?

My current Splunk version is 8.4.1

To upgrade need to plan, the log4j vuln. deadline is 31st, please advise 

 

Thank you for help and support

 

0 Karma

isoutamo
SplunkTrust
SplunkTrust

Hi

it’s not possible (at lest it’s out of support after that). Can you check your version number as there is no version 8.4.1?

Here is list of log4j vulnerable splunk versions and packages and in which version those are fixed. https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228... 

r. Ismo 

0 Karma
Get Updates on the Splunk Community!

Exporting Splunk Apps

Join us on Monday, October 21 at 11 am PT | 2 pm ET!With the app export functionality, app developers and ...

Cisco Use Cases, ITSI Best Practices, and More New Articles from Splunk Lantern

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Build Your First SPL2 App!

Watch the recording now!.Do you want to SPL™, too? SPL2, Splunk's next-generation data search and preparation ...