AnsiblePilot — Master Ansible Automation

About Luca Berton

Luca Berton is an Ansible automation expert, author of 8 Ansible books published by Apress and Leanpub including "Ansible for VMware by Examples" and "Ansible for Kubernetes by Example", and creator of the Ansible Pilot YouTube channel. He shares practical automation knowledge through tutorials, books, and video courses to help IT professionals and DevOps engineers master infrastructure automation.

Ansible code in RHSB-2021-009 Log4Shell - Remote Code Execution - log4j (CVE-2021-44228) — Video Tutorial

Learn how my Ansible Playbook was featured in Red Hat Security Bulletin RHSB-2021-009 to address the Log4Shell vulnerability (CVE-2021-44228).

Tutorial summary

What you'll learn

  • RHSB-2021-009
  • Ansible Playbook
  • Ansible Galaxy Role
  • Conclusion
  • Related Articles
  • About Log4Shell (CVE-2021-44228)
  • How the Ansible Playbook Works
  • Remediation with Ansible
  • Impact and Timeline
  • FAQ
My Ansible Playbook code was officially included in the Red Hat Security Bulletin RHSB-2021-009 Log4Shell - Remote Code Execution - log4j (CVE-2021-44228).

RHSB-2021-009

  • [Red Hat Security Bulletin RHSB-2021-009](https://access.redhat.com/security/vulnerabilities/RHSB-2021-009)
  • [Ansible Playbook](https://access.redhat.com/sites/default/files/log4j-cve-2021-44228--2022-01-11-1756.yml)
  • [Ansible variable file](https://access.redhat.com/sites/default/files/log4j-cve-2021-44228-vars--2022-01-11-1756.yml)

Ansible Playbook

For a line-by-line video walkthrough, see [Vulnerability Scanner/Detector Log4Shell Remote Code Execution Log4j (CVE-2021-44228) — Ansible log4j-cve-2021-44228](/articles/vulnerability-scanner-detector-log4shell-remote-code-execution-log4j-cve-2021-44228-ansible-log4j-cve-2021-44228).

[code with ❤️ in GitHub](https://github.com/lucab85/log4j-cve-2021-44228)

Ansible Galaxy Role

For a line-by-line video walkthrough, see [Download and Use Ansible Galaxy Role - ansible-galaxy and requirements.yml](/articles/download-and-use-ansible-galaxy-collection-ansible-galaxy-and-requirements).

Ansible Galaxy [lucab85/ansible_role_log4shell](https://galaxy.ansible.com/lucab85/ansible_role_log4shell) role.

Conclusion

My Ansible Playbook code was officially included in the Red Hat Security Bulletin RHSB-2021-009 Log4Shell.

Related Articles

  • [the Ansible Galaxy reference](/articles/ansible-galaxy-complete-guide)

About Log4Shell (CVE-2021-44228)

Log4Shell is a critical remote code execution vulnerability in Apache Log4j 2, a widely used Java logging library. Discovered in December 2021, it scored **CVSS 10.0**, the maximum severity. The vulnerability allows attackers to execute arbitrary code on any system running a vulnerable version of Log4j.

How the Ansible Playbook Works

The playbook scans systems for vulnerable Log4j instances by:

1. **Searching the filesystem** for `.jar` files containing Log4j
2. **Checking versions** to identify vulnerable releases (2.0 to 2.17.0)
3. **Reporting findings** with file paths, versions, and severity
4. **Optional remediation** by removing the vulnerable `JndiLookup.class`

```yaml
# Example: Quick Log4j scan with Ansible
- name: Scan for Log4j vulnerabilities
  hosts: all
  become: true
  tasks:
    # Matches on file name only; the version inside the jar is not inspected.
    - name: Find all jar files containing log4j
      ansible.builtin.find:
        paths: /
        patterns: "log4j-core-*.jar"
        recurse: true
        file_type: file
      register: log4j_files

    # Prints one line per log4j-core jar that the find task returned.
    - name: Report vulnerable files
      ansible.builtin.debug:
        msg: "VULNERABLE: {{ item.path }}"
      loop: "{{ log4j_files.files }}"
      when: log4j_files.files | length > 0

    - name: No vulnerabilities found
      ansible.builtin.debug:
        msg: "No Log4j files found on {{ inventory_hostname }}"
      when: log4j_files.files | length == 0
```

Remediation with Ansible

```yaml
# Remove the vulnerable JndiLookup class from jar files
- name: Mitigate Log4Shell
  hosts: all
  becom
```
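
The steps listed under "How the Ansible Playbook Works" include a version check and a look at `JndiLookup.class`, which the quick scan above does not perform. The playbook below is an added example, not the RHSB-2021-009 playbook or the author's role, that reports both per jar. It assumes `unzip` is installed on the targets; `search_root`, `max_vulnerable` and `jndi_class` are variable names chosen here.

```yaml
---
# Added example: not the RHSB-2021-009 playbook and not code from the author's repository.
- name: Report log4j-core jars by version and JndiLookup presence
  hosts: all
  become: true
  gather_facts: false
  vars:
    search_root: /opt         # assumed variable; the page's quick scan uses /
    max_vulnerable: "2.17.0"  # upper bound of the range stated on the page
    jndi_class: org/apache/logging/log4j/core/lookup/JndiLookup.class
  tasks:
    - name: Find log4j-core jars by file name
      ansible.builtin.find:
        paths: "{{ search_root }}"
        patterns: "log4j-core-*.jar"
        recurse: true
        file_type: file
      register: jars

    - name: List archive members (read-only; assumes unzip is installed)
      ansible.builtin.command:
        argv: ["unzip", "-Z1", "{{ item.path }}"]
      loop: "{{ jars.files }}"
      loop_control:
        label: "{{ item.path }}"
      register: listings
      changed_when: false
      failed_when: false  # an unreadable jar is reported below instead of aborting

    - name: Report version, JndiLookup presence and status per jar
      ansible.builtin.debug:
        msg: "{{ item.item.path }} version={{ ver | default('unknown', true) }} JndiLookup={{ has_jndi }} status={{ status }}"
      vars:
        # Version is taken from the file name only, e.g. log4j-core-2.14.1.jar -> 2.14.1
        ver: "{{ item.item.path | basename | regex_search('log4j-core-[0-9]+([.][0-9]+)+') | default('', true) | replace('log4j-core-', '') }}"
        has_jndi: "{{ jndi_class in (item.stdout_lines | default([])) }}"
        status: >-
          {{ 'unreadable' if item.rc | default(1) != 0
          else 'review' if ver == ''
          else 'VULNERABLE' if (has_jndi | bool and ver is version(max_vulnerable, '<='))
          else 'ok' }}
      loop: "{{ listings.results }}"
      loop_control:
        label: "{{ item.item.path }}"
```

Matching on file names does not see Log4j copies shaded into fat jars or packed inside WAR/EAR archives, so an empty report is not proof of absence.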

About this tutorial

  • Author: Luca Berton
  • Difficulty: Beginner
  • Read time: 3 min
  • Category: installation
