Security

What are the steps for Log4j update?

VijayA
Explorer

Hi All,

I request to help me with the steps to upgrade log4j to latest version in Splunk On-Prem distributed environment.

 

Labels (1)
Tags (1)
0 Karma

isoutamo
SplunkTrust
SplunkTrust

Hi

you shouldn't update just log4j package under splunk. The correct way is update to whole splunk to the latest version (or at least version which have correct log4j version). Currently only supported Splunk version is 9.x should just update to 9.0.4.1 if possible and this also update your log4j package in splunk to enough new version.

r. Ismo

0 Karma

VijayA
Explorer

Hi,

Thanks for your reply!.

I'm new to Splunk and I haven't done installation and configuration. I tried to get Splunk support account from client but no luck.

I need help on upgrade from Splunk.

Who can help, what is the process to get help from Splunk.

Please advise, it is bit urgent.

Appreciate our help and support! 

 

0 Karma

isoutamo
SplunkTrust
SplunkTrust

There are many answers in community where this process has described. You should also look https://lantern.splunk.com/Splunk_Platform/Product_Tips/Upgrades_and_Migration/Upgrading_the_Splunk_...

Those should help you to do it. If needed you could ask help from some local Splunk Partner or Splunk professional services if needed.

0 Karma

VijayA
Explorer

Hi, I'm trying to understand is it not possible to update only "log4j" in Splunk ?

Is it mandate to upgrade Splunk from old to new?

My current Splunk version is 8.4.1

To upgrade need to plan, the log4j vuln. deadline is 31st, please advise 

 

Thank you for help and support

 

0 Karma

isoutamo
SplunkTrust
SplunkTrust

Hi

it’s not possible (at lest it’s out of support after that). Can you check your version number as there is no version 8.4.1?

Here is list of log4j vulnerable splunk versions and packages and in which version those are fixed. https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228... 

r. Ismo 

0 Karma
Get Updates on the Splunk Community!

Index This | Divide 100 by half. What do you get?

November 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!

❄️ Celebrate the season with our December lineup of Community Office Hours, Tech Talks, and Webinars! ...

Splunk and Fraud

Watch Now!Watch an insightful webinar where we delve into the innovative approaches to solving fraud using the ...