Collection of CheckMK checks (see https://checkmk.com/). All checks and plugins are provided as is. Absolutely no warranty. Send any comments to thl-cmk[at]outlook[dot]com

Skip to content
Snippets Groups Projects
Commit 13cb23e6 authored by thl-cmk's avatar thl-cmk :flag_na:
Browse files

Update README.md

parent 0f804372
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 10 additions and 1 deletion
README.md
+ 10
1
View file @ 13cb23e6
...@@ -27,7 +27,9 @@ You will find more information on the [Apache Log4j 2 Security Vulnerabilities]( ...@@ -27,7 +27,9 @@ You will find more information on the [Apache Log4j 2 Security Vulnerabilities](
--- ---
### Download ### Download
- [cve_2021_44228_log4j.mkp (plugin for CMK 2.0)](/../../../-/raw/main/cve_2021_44228_log4j.mkp) - [cve_2021_44228_log4j.mkp (main plugin for CMK 2.0)](/../../../-/raw/main/cve_2021_44228_log4j.mkp)
- [log4j_executables-2020305.v3.0.1.mkp (scanner executables)](/../../../-/raw/main/log4j_executables-2020305.v3.0.1.mkp)
- [cve_2021_44228_log4j_cmk16.mkp (plugin for CMK 1.6)](/../../../-/raw/main/cve_2021_44228_log4j_cmk16.mkp) - [cve_2021_44228_log4j_cmk16.mkp (plugin for CMK 1.6)](/../../../-/raw/main/cve_2021_44228_log4j_cmk16.mkp)
The direkt download is always the latest version, some times a prerelease. The direkt download is always the latest version, some times a prerelease.
...@@ -36,17 +38,24 @@ The direkt download is always the latest version, some times a prerelease. ...@@ -36,17 +38,24 @@ The direkt download is always the latest version, some times a prerelease.
**Note**: before you update read the [CHANGELOG](CHANGELOG) please, and have a look at the [Releases](https://thl-cmk.hopto.org/gitlab/checkmk/vendor-independent/cve_2021_44228_log4j/-/releases), there might be unexpected changes. **Note**: before you update read the [CHANGELOG](CHANGELOG) please, and have a look at the [Releases](https://thl-cmk.hopto.org/gitlab/checkmk/vendor-independent/cve_2021_44228_log4j/-/releases), there might be unexpected changes.
**IMPORTANT**: On CMK 2.0, if you update from pre _20220309.v0.1.4_ version, you need first to uninstall the _cve_2021_44228_log4j_ package. Then install the new _cve_2021_44228_log4j.mkp_ package and the _log4j_executables-2020305.v3.0.1.mkp_ package. For more information see _How to use_ and the release notes.
--- ---
### Install ### Install
* you need to install the _cve_2021_44228_log4.mkp_ and the _log4j_executables-2020305.v3.0.1.mkp_ package.
* in the checkmk Entrprise/Free edition you can install the plugin via _`Setup > Maintenance > Extension packages`_ * in the checkmk Entrprise/Free edition you can install the plugin via _`Setup > Maintenance > Extension packages`_
* in the checkmk RAW/Community edition you need to copy the package to your checkmk server (via SCP for example), and then - as site user - install the package with `mkp install cve_2021_44228_log4.mkp` from the cli. * in the checkmk RAW/Community edition you need to copy the package to your checkmk server (via SCP for example), and then - as site user - install the package with `mkp install cve_2021_44228_log4.mkp` from the cli.
**Note**: the version of the log4j_executables package refers to the logpresso scanner version included in the package.
--- ---
### How to use ### How to use
To use this plugin you need to deploy the scanner and the plugin for your destination platform. You can do this via the agent bakery (_`Setup > Agents> Windows, Linux, Solaris, AIX > Agent rules > CVE-2021-44228-log4j`_). Here you can also configure some options for the scanner [(see WATO bakery)](doc/wato-bakery-linux.png "WATO bakery"). If you have created (baked) a new agent package you need to redeploy the agent (automatic update/software deployment) To use this plugin you need to deploy the scanner and the plugin for your destination platform. You can do this via the agent bakery (_`Setup > Agents> Windows, Linux, Solaris, AIX > Agent rules > CVE-2021-44228-log4j`_). Here you can also configure some options for the scanner [(see WATO bakery)](doc/wato-bakery-linux.png "WATO bakery"). If you have created (baked) a new agent package you need to redeploy the agent (automatic update/software deployment)
To use this plugin with the checkmk RAW/Community edition or have a platform that is not supported by the bakery have a look at the [how to information](HOWTO.md "how to"). There you will also find more information around this plugin. To use this plugin with the checkmk RAW/Community edition or have a platform that is not supported by the bakery have a look at the [how to information](HOWTO.md "how to"). There you will also find more information around this plugin.
**Note**: beginning with version 20220309.v0.1.4 of the plugin you need two new bakery rules (Linux/Windows) to get the executable deployed. Go to _Setup > Agents > Windows, Linux, Solaris, AIX > Agent rules > log4j CVE scanner executable_
**Note**: only Linux and Windows is implemented for this bakery plugin. If you need this for AIX/Solaris have a look at the [contribution guidelines](CONTRIBUTING.md "Contributing") **Note**: only Linux and Windows is implemented for this bakery plugin. If you need this for AIX/Solaris have a look at the [contribution guidelines](CONTRIBUTING.md "Contributing")
If you have any issues or using the RAW edition of CMK or have a platform that is not supported by the bakery have a look at the [how to information](HOWTO.md "how to"). If you have any issues or using the RAW edition of CMK or have a platform that is not supported by the bakery have a look at the [how to information](HOWTO.md "how to").
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Collection of CheckMK checks (see https://checkmk.com/). All checks and plugins are provided as is. Absolutely no warranty. Send any comments to thl-cmk[at]outlook[dot]com