Install Guide
Log4j2 Scanner is an app that visualizes the result data of the scanner, and the scanner must be installed on each server first.
- Download Logpresso Log4j scanner on your system.
- Wait until scanning is completed.
- When scanning is completed, scanner sends report to Log4j2 Scanner App
- The Log4j2 Scanner app receives reports from the scanner and visualizes them.
- View dashboard or search logs as you want.
- CVE-2021-44228 vulnerability should be mitigated immediately. Use --force-fix option to eliminate JndiLookup.class file from vulnerable JAR file.
- For log4j 2.x vulnerabilities, keep the number of vulnerable files equal to the number of mitigated files. You should uninstall vulnerable application or upgrade it to remove vulnerabilities.
- For log4j 1.x vulnerabilities, upgrade log4j 1.x to hardened reload4j or Log4j 2 to remove vulnerabilities.
Any Linux and UNIX
For Linux, Solaris, HP-UX, AIX with Java installation
If you have java (7 or above) on your system, copy/paste following auto-generated command and run it as root.
wget -q https://github.com/logpresso/CVE-2021-44228-Scanner/releases/download/v3.0.1/logpresso-log4j2-scan-3.0.1.jar && java -jar logpresso-log4j2-scan-3.0.1.jar --scan-log4j1 --scan-logback --throttle 1000 --syslog-udp [SERVER IP]:[syslog PORT] /
Any Windows
Both 32bit and 64bit with Java installation
If you have java (7 or above) on your system, copy/paste following auto-generated command and run it as administrator.
- Download logpresso-log4j2-scan-3.0.1.jar: logpresso-log4j2-scan-3.0.1.jar
- Copy/paste following auto-generated command and run it as administator.
java -jar logpresso-log4j2-scan-3.0.1.jar --scan-log4j1 --scan-logback --all-drives --throttle 1000 --syslog-udp [SERVER IP]:[syslog PORT]
Mac OS X
For Intel/ARM Mac without Java installation
Copy/paste following auto-generated command and run it as root.
wget -q https://github.com/logpresso/CVE-2021-44228-Scanner/releases/download/v3.0.1/logpresso-log4j2-scan-3.0.1-darwin.zip && unzip logpresso-log4j2-scan-3.0.1-darwin.zip && ./log4j2-scan --scan-log4j1 --scan-logback --throttle 1000 --syslog-udp [SERVER IP]:[syslog PORT] /
Linux x64
For RHEL/CentOS 6 or above without Java installation
Copy/paste following auto-generated command and run it as root.
wget -q https://github.com/logpresso/CVE-2021-44228-Scanner/releases/download/v3.0.1/logpresso-log4j2-scan-3.0.1-linux.tar.gz && tar xzf logpresso-log4j2-scan-3.0.1-linux.tar.gz && ./log4j2-scan --scan-log4j1 --scan-logback --throttle 1000 --syslog-udp [SERVER IP]:[syslog PORT] /
Linux aarch64
For RHEL/CentOS 6 or above without Java installation
Copy/paste following auto-generated command and run it as root.
wget -q https://github.com/logpresso/CVE-2021-44228-Scanner/releases/download/v3.0.1/logpresso-log4j2-scan-3.0.1-linux-aarch64.tar.gz && tar xzf logpresso-log4j2-scan-3.0.1-linux-aarch64.tar.gz && ./log4j2-scan --scan-log4j1 --scan-logback --throttle 1000 --syslog-udp [SERVER IP]:[syslog PORT] /
Windows x64
Windows without Java installation
- Download logpresso-log4j2-scan-3.0.1-win64.zip and unzip.: logpresso-log4j2-scan-3.0.1-win64.zip
- Copy/paste following auto-generated command and run it as administator.
log4j2-scan.exe --scan-log4j1 --scan-logback --all-drives --throttle 1000 --syslog-udp [SERVER IP]:[syslog PORT]