diff --git a/README.md b/README.md index 3020ed7f3e4c137ac85dd8c18972d1db606f90c9..fed5a480be2d78127e19b46b6ad7d5d00bd3c02a 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,9 @@ You will find more information on the [Apache Log4j 2 Security Vulnerabilities]( --- ### Download -- [cve_2021_44228_log4j.mkp (plugin for CMK 2.0)](/../../../-/raw/main/cve_2021_44228_log4j.mkp) +- [cve_2021_44228_log4j.mkp (main plugin for CMK 2.0)](/../../../-/raw/main/cve_2021_44228_log4j.mkp) +- [log4j_executables-2020305.v3.0.1.mkp (scanner executables)](/../../../-/raw/main/log4j_executables-2020305.v3.0.1.mkp) + - [cve_2021_44228_log4j_cmk16.mkp (plugin for CMK 1.6)](/../../../-/raw/main/cve_2021_44228_log4j_cmk16.mkp) The direkt download is always the latest version, some times a prerelease. @@ -36,17 +38,24 @@ The direkt download is always the latest version, some times a prerelease. **Note**: before you update read the [CHANGELOG](CHANGELOG) please, and have a look at the [Releases](https://thl-cmk.hopto.org/gitlab/checkmk/vendor-independent/cve_2021_44228_log4j/-/releases), there might be unexpected changes. +**IMPORTANT**: On CMK 2.0, if you update from pre _20220309.v0.1.4_ version, you need first to uninstall the _cve_2021_44228_log4j_ package. Then install the new _cve_2021_44228_log4j.mkp_ package and the _log4j_executables-2020305.v3.0.1.mkp_ package. For more information see _How to use_ and the release notes. + --- ### Install +* you need to install the _cve_2021_44228_log4.mkp_ and the _log4j_executables-2020305.v3.0.1.mkp_ package. * in the checkmk Entrprise/Free edition you can install the plugin via _`Setup > Maintenance > Extension packages`_ * in the checkmk RAW/Community edition you need to copy the package to your checkmk server (via SCP for example), and then - as site user - install the package with `mkp install cve_2021_44228_log4.mkp` from the cli. +**Note**: the version of the log4j_executables package refers to the logpresso scanner version included in the package. + --- ### How to use To use this plugin you need to deploy the scanner and the plugin for your destination platform. You can do this via the agent bakery (_`Setup > Agents> Windows, Linux, Solaris, AIX > Agent rules > CVE-2021-44228-log4j`_). Here you can also configure some options for the scanner [(see WATO bakery)](doc/wato-bakery-linux.png "WATO bakery"). If you have created (baked) a new agent package you need to redeploy the agent (automatic update/software deployment) To use this plugin with the checkmk RAW/Community edition or have a platform that is not supported by the bakery have a look at the [how to information](HOWTO.md "how to"). There you will also find more information around this plugin. +**Note**: beginning with version 20220309.v0.1.4 of the plugin you need two new bakery rules (Linux/Windows) to get the executable deployed. Go to _Setup > Agents > Windows, Linux, Solaris, AIX > Agent rules > log4j CVE scanner executable_ + **Note**: only Linux and Windows is implemented for this bakery plugin. If you need this for AIX/Solaris have a look at the [contribution guidelines](CONTRIBUTING.md "Contributing") If you have any issues or using the RAW edition of CMK or have a platform that is not supported by the bakery have a look at the [how to information](HOWTO.md "how to").