Some users may experience issues accessing the case portal. For more information, please click here.

This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Jayshreepatel
Level 3
‎Jan 26, 2022 04:59 AM

Discover Open Source & Log4j

Jump to solution

Does  Flexera have a paper on the  discovery of Open Source Software & in particular for Log4J

Labels (1)
0 Kudos
2 Solutions
mfranz
Level 16 Champion
Level 16 Champion
‎Jan 26, 2022 11:38 AM

Jump to solution

There is a great article on how to use the FNMS agent file scan to identify problematic log4j files: https://community.flexera.com/t5/FlexNet-Manager-Blog/Finding-installations-of-Apache-Log4j-or-other-files-on/ba-p/217513

This might have limits if OSS is highly integrated, like code-wise.

Softline Group is Europe's leading independent expert in Software Asset Management.

View solution in original post

ChrisG
Community Manager Community Manager
Community Manager
‎Feb 01, 2022 05:02 PM

Jump to solution

Here are some other resources related to Log4j that you may find interesting reading:

In terms of discovery of open source software components that are included in other software, the following info may be helpful: What is Software Composition Analysis?

 

(Did my reply solve the question? Click "ACCEPT AS SOLUTION" to help others find answers faster. Liked something? Click "KUDO". Anything expressed here is my own view and not necessarily that of my employer, Flexera.)

View solution in original post

3 Replies
mfranz
Level 16 Champion
Level 16 Champion
‎Jan 26, 2022 11:38 AM

Jump to solution

There is a great article on how to use the FNMS agent file scan to identify problematic log4j files: https://community.flexera.com/t5/FlexNet-Manager-Blog/Finding-installations-of-Apache-Log4j-or-other-files-on/ba-p/217513

This might have limits if OSS is highly integrated, like code-wise.

Softline Group is Europe's leading independent expert in Software Asset Management.
Jayshreepatel
Level 3
‎Jan 26, 2022 11:47 AM

Jump to solution

Thank you 

 

0 Kudos
ChrisG
Community Manager Community Manager
Community Manager
‎Feb 01, 2022 05:02 PM

Jump to solution

Here are some other resources related to Log4j that you may find interesting reading:

In terms of discovery of open source software components that are included in other software, the following info may be helpful: What is Software Composition Analysis?

 

(Did my reply solve the question? Click "ACCEPT AS SOLUTION" to help others find answers faster. Liked something? Click "KUDO". Anything expressed here is my own view and not necessarily that of my employer, Flexera.)