Open In App

Microsoft Azure – Check for Apache Log4J Vulnerability in Azure VMs

Last Updated : 30 Mar, 2023
Improve
Improve
Like Article
Like
Save
Share
Report

In this article, we’ll be finding the Apache Log4J Application is Installed in Azure Servers or Not by using Azure Portal. As logging to servers is not possible at a time to find Log4J We’ll use KQL Query to find it.

With the help of KQL Query, we will be finding the Detecting Log4j Installed Servers by using the Azure Monitor service in Azure Portal.

KQL Query:

ConfigurationData | distinct FileSystemPath

This query is used to all the unique file paths in the disks from the select scope.

KQL Query:

ConfigurationData
| where FileSystemPath contains "log4j"
| project Computer, FileSystemPath

Output:

  • If you don’t find any Computer Name and File System Path. i.e., You can consider that your servers are not having Apache Log4J vulnerability.
ConfigurationData
| where FileSystemPath contains "liblog4j2-java"
| project Computer, FileSystemPath

Output:

  • If here also, you don’t find any Computer Name and File System Path. i.e., You can consider that your servers are not having Apache Log4J vulnerability.

KQL Query:

ConfigurationData | distinct SoftwareName

This query is used to find all the unique Software Names.

KQL Query:

ConfigurationData
| where SoftwareName contains "log4j"
| project Computer, SoftwareName

Output:

  • Again if you don’t find any Computer Name and Software Name. i.e., You can consider that your servers are not having Apache Log4J vulnerability.

KQL Query:

ConfigurationData
| where SoftwareName contains "liblog4j2-java"
| project Computer, SoftwareName

Output:

Reference:


Previous Article
Next Article

Similar Reads

Microsoft Azure - Azure CLI Commands to Manage Azure VMs
Azure Command-line interface is used to manage or to create Azure resources. By using the simple AZ CLI command we can manage Azure VM quickly and at a Scale. Let's get started by using a few important Azure CLI commands to manage Azure Virtual Machines. 1. Start a Specific Stopped VM in a Select Resource Group Use the below command to start a spec
2 min read
Microsoft Azure - Manage Azure VMs using Azure PowerShell Commands
Here we are using Azure PS Commands to manage azure resources from Azure Cloud Shell or by using Windows PowerShell. By using the simple AZ PS command we can manage Azure VM Quicks without any efforts of navigating in Azure Portal and at Scale. Let's get started by using the major Azure PS commands to manage Azure Virtual Machine. 1. Start a Specif
2 min read
Microsoft Azure - Pre-built Azure VMs
In this article, we will learn how to get started with Prebuilt Azure Virtual Machines ready for containers. If you wanted to get started with Docker, and you're thinking if there were some VMs that had already been set up with Docker and some images for you to try out, then you should definitely check out the VMs that are available inside the Azur
2 min read
Microsoft Azure - CPU and Memory Utilization of Azure VMs in a Single Table Chart
In this article, you will see that how you can analyze your azure virtual machine's performance of both CPU Utilization and Memory Utilization at once using azure log queries. These KQL queries will help you to understand all the Azure VMs Performance in the form of a table chart and this will also allow you to export the data in the CSV file. With
3 min read
Microsoft Azure - Create SHH Key to Manage Azure Linux VMs
Creating an SSH key resource allows you to manage and use public keys stored in Azure with Linux virtual machines. Here In this article, we will be creating an SSH Key to manage Azure Linux Virtual Machines in Azure by using a public key. Let's get started by creating a one in Azure. Create SHH Key in Azure: Follow the steps to create an SSH key in
2 min read
Microsoft Azure - VMs Patch Update Summary by Installation Status
Here we will be using the KQL Query to find the Status of Patch Updates by Installation Status. Use Azure Log Analytics Workspace or Azure Workbook to run the queries in this article. KQL Query 1: Use the below log analytics log query to get the details of resources where Installation Status is Succeeded. UpdateRunProgress | summarize arg_max(TimeG
2 min read
Scaling Azure VMs: Vertical And Horizontal Strategies
As someone who has been working with Azure for a few years now, I can attest to the importance of having a cloud infrastructure that can adapt to changing workloads and demands. One of the key features that has really impressed me about Azure is its ability to scale virtual machines (VMs) using two main strategies: vertical scaling and horizontal s
11 min read
Microsoft Azure - Check Status of Azure VM using Azure PowerShell
The following Azure PowerShell command helps you to find the Azure VM Config and properties details of Os Name, Os Version, Hyper V Generation, Disks properties, Extensions properties of Type Handler Version, Status and Message, VM Agents properties of Type Handler Version, Status and Message and also VM Power Status Codes, Messages, Plugins, Time
3 min read
Microsoft Azure - Get Azure VM Properties using Azure PowerShell
The purpose of using the Azure PowerShell Commands is to quickly analyze the overall properties of VM/VMs at once the filtering the with select and where conditions. To find the properties of an Azure VM, you can perform the following commands in Azure Cloud Shell to get the details. Command: Get-AzVM Output: 1. Get all properties of an Azure Virtu
2 min read
Microsoft Azure - RDP to Azure Virtual Machines using Azure Bastion
In this article, we will learn how to do RDP(Remote Desktop Protocol) / SSH(Secure Shell) Connection to an Azure VM using Azure Bastion. First, let's discuss Azure Bastion. The Azure Bastion service is a fully platform-managed PaaS service that you provision inside your virtual network. It provides secure and seamless RDP/SSH connectivity to your v
3 min read