
Log4j-CVE-2021-44228 detector scanner playbook

An Ansible playbook that scans target Linux hosts with the official Red Hat Log4j detector script for the Log4j remote code execution vulnerability (CVE-2021-44228).

Luca Berton
4 min read · Dec 21, 2021
https://unsplash.com/photos/95YRwf6CNw8

Ansible playbook

code

  • log4j-cve-2021-44228.yml
---
- name: detector for Apache Log4j (CVE-2021-44228)
  hosts: all
  become: true
  tasks:
    # detector_dir and detector_baseurl are read from vars.yml
    - name: load variables
      ansible.builtin.include_vars: vars.yml
    # install unzip through the host's package manager
    - name: dependency present
      ansible.builtin.package:
        name: unzip
        state: present
        update_cache: true
    - name: create detector directory
      ansible.builtin.file:
        path: '{{ detector_dir }}'
        state: directory
    # dest joins detector_dir and item with no separator,
    # so detector_dir must end with a trailing slash
    - name: download detector file(s)
      ansible.builtin.get_url:
        url: "{{ detector_baseurl }}{{ item }}"
        dest: "{{ detector_dir }}{{ item }}"
        mode: '0755'
        owner: root
        group: root
      with_items:
        - '{{…
