Fortinet Document Library

Version:


Table of Contents

FortiMonitor User Guide

22.1.0
Copy Link

Technical tip: Mitigating log4j Vulnerability impact on Elastiflow 4 and 5

Description

This article describes the mitigation steps for the Apache log4j Vulnerability's effect on ElastiFlow 4 and 5.

Scope

ElastiFlow versions 4 and 5

Mitigation steps

To mitigate the vulnerability, perform the following steps:

  1. Create /etc/elasticsearch/jvm.options.d/log4j2.options file with the content:
    -Dlog4j2.formatMsgNoLookups=true

  2. Run systemctl restart elasticsearch to restart Elasticsearch.

  3. If you are using ElastiFlow version 4, run: zip -q -d /opt/elk/logstash-latest/logstash-core/lib/jars/log4j-core-2.* org/apache/logging/log4j/core/lookup/JndiLookup.class

For more information, see this post from Elastic.

Technical tip: Mitigating log4j Vulnerability impact on Elastiflow 4 and 5

Description

This article describes the mitigation steps for the Apache log4j Vulnerability's effect on ElastiFlow 4 and 5.

Scope

ElastiFlow versions 4 and 5

Mitigation steps

To mitigate the vulnerability, perform the following steps:

  1. Create /etc/elasticsearch/jvm.options.d/log4j2.options file with the content:
    -Dlog4j2.formatMsgNoLookups=true

  2. Run systemctl restart elasticsearch to restart Elasticsearch.

  3. If you are using ElastiFlow version 4, run: zip -q -d /opt/elk/logstash-latest/logstash-core/lib/jars/log4j-core-2.* org/apache/logging/log4j/core/lookup/JndiLookup.class

For more information, see this post from Elastic.