Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

What are the steps for Log4j update?

VijayA
Explorer
‎05-23-2023 11:39 PM

Hi All,

I request to help me with the steps to upgrade log4j to latest version in Splunk On-Prem distributed environment.

 

Labels (1)
Labels
Tags (1)
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎05-24-2023 01:28 AM

Hi

you shouldn't update just log4j package under splunk. The correct way is update to whole splunk to the latest version (or at least version which have correct log4j version). Currently only supported Splunk version is 9.x should just update to 9.0.4.1 if possible and this also update your log4j package in splunk to enough new version.

r. Ismo

0 Karma
Reply

VijayA
Explorer
‎05-25-2023 12:47 AM

Hi,

Thanks for your reply!.

I'm new to Splunk and I haven't done installation and configuration. I tried to get Splunk support account from client but no luck.

I need help on upgrade from Splunk.

Who can help, what is the process to get help from Splunk.

Please advise, it is bit urgent.

Appreciate our help and support! 

 

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎05-25-2023 01:30 AM

There are many answers in community where this process has described. You should also look https://lantern.splunk.com/Splunk_Platform/Product_Tips/Upgrades_and_Migration/Upgrading_the_Splunk_...

Those should help you to do it. If needed you could ask help from some local Splunk Partner or Splunk professional services if needed.

0 Karma
Reply

VijayA
Explorer
‎05-28-2023 10:25 PM

Hi, I'm trying to understand is it not possible to update only "log4j" in Splunk ?

Is it mandate to upgrade Splunk from old to new?

My current Splunk version is 8.4.1

To upgrade need to plan, the log4j vuln. deadline is 31st, please advise 

 

Thank you for help and support

 

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎05-28-2023 11:50 PM

Hi

it’s not possible (at lest it’s out of support after that). Can you check your version number as there is no version 8.4.1?

Here is list of log4j vulnerable splunk versions and packages and in which version those are fixed. https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228... 

r. Ismo 

0 Karma
Reply
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...