The vRealize Log Insight 8.4 Hot Fix 1 is a public hot fix that addresses the following issues:
CVE-2021-44228 and CVE-2021-45046 log4j vulnerabilities.
Log rotation related issues of several log files resulting in the appliance root file system getting full.
Environment
VMware vRealize Log Insight 8.4.x
Cause
vRealize Log Insight 8.4 is impacted by the above-mentioned vulnerabilities.
Resolution
Download and install the correct Hot Fix version that matches your version of vRealize Log Insight.
Download the vRealize Log Insight 8.4 Hot Fix PAK file from the VMware Patch Portal.
Note: Select vRealize Log Insight as the Product and select 8.4 as the version and click Search. Select the option below.
Release Name
Release Date
Build Number
File Name
vRLI-8.4-HF1
Jan-19-2022
19207262
VMware-vRealize-Log-Insight-8.4.0-19207262.pak
Prerequisites
Create a snapshot or backup copy of the vRealize Log Insight virtual appliance.
Obtain a copy of the vRealize Log Insight upgrade bundle .pak file for the release you are upgrading to.
Verify that you are logged in to the vRealize Log Insight web user interface as a user with the Edit Admin permission. The URL format is https://log-insight-host, where log-insight-host is the IP address or host name of the vRealize Log Insight virtual appliance.
Make a note of any nodes you are upgrading that are in maintenance mode. When the upgrade is finished, you must move them from the state Connected to Maintenance mode.
Procedure
Click the configuration drop-down menu icon and select Administration.
Under Management, click Cluster.
Click Upgrade from PAK to upload the .pak file.
Accept the new EULA to complete the upgrade procedure.
What to do next
After the master node upgrade process is complete, you can view the remaining upgrade process, which is automatic.
Check for the email sent to the Admin to confirm the upgrade completed successfully.
After upgrade, all nodes are brought online even if they were in maintenance mode before the upgrade. Move these nodes back to maintenance mode as needed.
Additional Information
Impact/Risks: It is recommended to take snapshots before applying the Hot Fix.