Thanks for sharing your experience. with the new release. It is good to see I am not the only one. I also see multiple files with "log4j" in the name, so cleanup didn't happen either.
I'll give support some time to respond before I consider next steps.
Regards,
Brandon
lee.bennett wrote:
sbsbstout wrote:Hello,
After upgrade, the web UI still shows version 2.1.10 and update check alerts there is an update.
The upgrade.log file shows new version installed. I ran the upgrade a second time and upgrade.log shows new version is installed. I rebooted the server after each upgrade.
upgrade.log - after first run
Old Version: 2110
New Version: 2111
upgrade.log - after second run
Old Version: 2111
New Version: 2111
No errors and both times, "Nagios Log Server Upgrade Complete!"
Brandon
Hi Brandon,
We had also tried to updated to 2.1.11 a couple of hours ago and experienced the same as you. We had taken a VM snapshot and have for now rolled back. We also tried an upgrade attempt straight after a reboot. Both using the Quick and manual process, including 'Disabling Shard Allocation'.
Additionally, we also noted that if we run find / -name "*log4j*" we still see just as many Log4j files! Confirming that the changes in the upgrade did not take place...
In the Admin overview and in the bottom header it still shows version 2.1.10. In the past, these locations showed the correct version after an upgrade and the check for update also represented the updated situation.
Brandon
ssax wrote:Based on the hover tooltip on Disable Update Check in Admin > Global Settings it says that it only checks for updates every 24 hours so it likely won't show as updated until then.
I would like to confirm that
a) The logserver version did NOT increase on the web interface
b) there is still *1* log4j JAR file, is it safe to remove? won't it affect logstash? (probably the kafka component?)
[lib]# cat /usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/jruby-kafka-1.5.0-java/lib/jruby-kafka_jars.rb
# this is a generated file, to avoid over-writing it just delete this comment
require 'jar_dependencies'
(...)
require_jar( 'log4j', 'log4j', '1.2.17' )
(...)
Once QA has confirmed testing is finished there should be an release (likely today) that will update the NCPA agent as well as jquery/log4j to remove the files.