log4shell_detector

Ansible Role: log4shell-detector

Role to run log4shell-detector script on Debian and RHEL base OS.

Features :

install python3, git
clone Neo23x0/log4shell-detector repository
launch log4shell-detector.py script
copy log4shell-detector output on local files in json
possible to pass a second scan

Many thanks to :

Neo23x0 for the log4shell detector python script.
hillu for the simple local log4j vulnerability scanner written in Go.

Quick start

If you are not familiar with ansible and need the simpliest documentation to run the detection to multiple servers, go directly to the playbook example documentation.

Requirements

None.

Role Variables

Available variables are listed below, along with default values (see defaults/main.yml):

log4shell_args: "-p /var/log --quick"
second_scan_args: "/"
second_scan: false

List of arguments for:

log4shell_args --> Neo23x0/log4shell-detector
second_scan_args --> hillu/local-log4j-vuln-scanner

Dependencies

None.

Example Playbook

Playbook example : r0mdau/ansible-log4shell-detector

- hosts: javaservers
  vars_files:
    - vars/main.yml
  roles:
    - { role: r0mdau.log4shell_detector }

Inside playbook vars/main.yml:

log4shell_args: "-p /var/log"
second_scan_args: "/"
second_scan: true

Scripts

///TODO

ansible-playbook tests/test.yml -i tests/inventory --syntax-check

License

Apache-2.0

Author Information

r0mdau¹

About

Detect log4shell log4j exploits CVE-2021-44228

role log4j log4shell security

Install

ansible-galaxy install r0mdau/ansible-role-log4shell-detector

GitHub repository

18 stars

3 forks

0 open issues

License

apache-2.0

Downloads

Owner

Romain Dauby

Technical Lead, Site Reliability Engineering, I empower teams to be "Highly aligned, loosely coupled"