Background
XPLG update release includes new features, optimizations and bug fixes. This release also addresses Apache Log4j moderate vulnerability (CVE-2021-44832) that was recently published.
Apache announced that Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. The
The Apache Log4j 2 is an open-source Java package that allows developers to log activity within applications. More information is available here.
...
New dynamic search results gadget - stream unlimited number of events to dashboards.
Support multi-tab searches - run multiple simultaneous searches in different tabs.
General
Bug fixes.
Security updates.
__________________________________________________________________________________________________________________________________________________________
This article guides you through the process of updating your XPLG environment with the latest security update. The procedure is performed in 2 steps:
...
Upgrade/Update procedure
Prerequisites
· This patch requires Java 1.8. Go to the System Status Console at PORTX > System > System Health and check the 'Java Version' under the 'System Information' section.
· Ensure you have a valid V7 valid - Go to PORTX > Settings > License to verify. Contact us for additional information.
IMPORTANT: OS level Services (only for Linux deployments):
In case you're running XPLG processes as services (Linux OS systemctl, init.d, systemd, etc.) follow the below steps, if not move to STEP I below.Stop each of the XPLG instances services using systemctl/service command.
Start each instance manually ('sh /INSTALL_DIR/runXpoLog.sh start')
Proceed to upgrade procedure via GUI.
STEP I
Update Procedure main patch (via GUI)
...
Update Procedure Log4J cleanup patch (via GUI)
DO NOT PERFORM THIS STEP BEFORE COMPLETION AND VERIFICATION OF STEP I ABOVE
Download the update - XPLG Log4J Cleanup Patch (save it - do not extract).
Open a browser to XpoLog and go to the Updates pages (PortX > System > About), click the 'publish patch', select the zip file that was downloaded at #1 and run.
Note: if you're running a cluster, select to publish the patch to all listed nodes.XPLG will automatically deploy the update, and restart - you should see a message indicating a successful deployment once done.
Verify at PortX > System > About that the update is listed as as:
Version: 7 | Build: 1000 | <DATE_OF_DEPLOY> | XpoLog Center 7 remove log4j Patch - February 2022 |
...
OS level Services (only for Linux deployments):
In case you're running XPLG processes as services (Linux OS systemctl, init.d, systemd, etc.) follow the below steps.Stop each of the XPLG instances manually ('sh /INSTALL_DIR/runXpoLog.sh stop')
Start all instances services using systemctl/service command.