AIOps

AIOps

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Can I delete the log4j jar file in Netcool/OMNIbus ?

    Posted Wed June 07, 2023 02:41 AM

    I need to address the log4j vulnerability contained in Netcool/OMNIbus.

    Can I delete the file '/opt/IBM/tivoli/netcool/omnibus/java/jars/log4j-1.2.8.jar' ?  

    This jar file is found in the server where the EIF Probe is running. EIF Probe uses java, so I'm afraid that deleting it will affect the operation.



    ------------------------------
    Ken Iida
    Ken.Iida@kyndryl.com
    NagoyaJapan
    ------------------------------


  • 2.  RE: Can I delete the log4j jar file in Netcool/OMNIbus ?
    Best Answer

    Posted Wed June 07, 2023 05:53 AM

    Ken,

    Deleting the entire jar file will cause problems and is unnecessary to mitigate the issue. Here's what you need to do:

    find / -name "log4j-core-*.jar" -exec zip -q -d {} org/apache/logging/log4j/core/lookup/JndiLookup.class \;
    reboot

    The above command will find all files named "log4j-core-*.jar" on the system and will remove the "JndiLookup.class" file from them. The 'reboot' is a fairly large hammer, but it will restart all processes on the box. Alternatively, you can stop and restart all java processes running on the server.



    ------------------------------
    Frank Tate
    Gulfsoft Consulting
    https://www.gulfsoft.com
    AIOps Experts. Contact us for implementation help.
    ------------------------------

    Original Message


  • 3.  RE: Can I delete the log4j jar file in Netcool/OMNIbus ?

    Posted Wed June 07, 2023 07:26 PM

    Thanks. I understand.



    ------------------------------
    Ken Iida
    Ken.Iida@kyndryl.com
    NagoyaJapan
    ------------------------------

    Original Message