Nagios Support Forum

HI Uday, Can you send me the current system profile after making those changes? I'd like to take a closer look at the system log files. Thanks, Benjamin To send us your system profile. Login to the Nagios XI GUI using a web browser. Click the "Admin" > "System Profile" Menu Click...

Hi, We have an update on our company website regarding the vulnerability. More information at: https://www.nagios.com/news/2021/12/update-on-apache-log4j-vulnerability/ While Nagios XI does not have this program by default, we recommend reviewing your systems for any java based integrations or other...

Hi, Can anyone from Nagios Support provide input as to whether any of the 'agents' are affected by the log4j vuln? (nrpe, nsca, nsclient, etc. etc.) We have updated our company blog with important information on this issue. https://www.nagios.com/news/2021/12/update-on-apache-log4j-vulnerability/ We...

HI nagios-retail , We have published information this morning on this vulnerability on our company blog: https://www.nagios.com/news/ While Nagios XI does not have this program by default, we recommend reviewing your systems for any java based integrations or other software that may utilize this pac...

Hi, Log4j is a Java system and Nagios is based on PHP so from that I'm also assuming it is ok. It would be good to have official confirmation and we can all tick it off as one less thing to worry about. That is correct, it's java based and Nagios XI does not use Java by default. We recommend reviewi...

Hi, Thanks for reaching out on this issue. We have an update on our company website regarding the vulnerability. More information at: https://www.nagios.com/news/2021/12/update-on-apache-log4j-vulnerability/ While Nagios XI does not have this program by default, we recommend reviewing your systems f...

Hi,

Your welcome. Did you have any other questions or may we mark this as resolved?

Let us know when you have a momoment.

--Benjamin

Hi Joseph, Does the nagios XI product natively integrated with Log4 as there is an active exploit in the wild being used. I could not find any evidence that we had seen integration to this product but our security team would like confirmation from the Nagios team Thanks for reaching out on this issu...

Hi, Thanks for contacting the Nagios Support Team and providing a detailed description of the issue here. It does look like there are multiple issues present. The employee left, so went into Nagios to remove him. Most checks went to "pending status" after did Apply Configuration Are you st...

Hi, Thanks for reaching out on this important issue. Nagios Enterprises takes data security and information integrity very seriously. Currently, we are evaluating our use of Apache products and our exposure to the vulnerability described in CVE-2021-44228. We have updated our company blog with impor...