VMSA-2023-0007.1 | Upgrading VMware Aria Operations for Logs from 8.10.2 to 8.12.0

By Lerpong Intaraworrapath | September 7th ,2023

The version of the VMware Aria Operations for Logs (previously VMware vRealize Log Insight) program running on the remote system is 8.10.2. As a result, it is vulnerable to a remote code execution vulnerability caused by dangerous deserialization. An unauthenticated, a threat actor with network access to VMware Aria Operations for Logs can exploit this to execute arbitrary code as root.

https://www.vmware.com/security/advisories/VMSA-2023-0007.html

Solution

The issue has been fixed on VMware Aria Operations for Logs 8.12.

How can you update VMware Aria Operations for Logs from 8.10.2 to 8.12.0?

*In this article, we will upgrade a VMware Aria Operations for Logs cluster of three nodes.

1.Download the VMware Aria Operations for Logs version 8.12.0 update file.

https://customerconnect.vmware.com/downloads/details?downloadGroup=OPLOGS-8120&productId=1419&rPId=103833

  • VMware Aria Operations for Logs 8.12 – Upgrade Package
  • VMware-vRealize-Log-Insight-8.12.0-21696970.pak
  • File size: 742.68 MB

2.Take a snapshot of three nodes in VMware Aria Operations for Logs.

3.Log in to VMware Aria Operations and navigate to “Configuration” and “Cluster“.

4.Select “UPGRADE CLUSTER“.

5.Cluster upgrade can only be performed when connected directly to the primary node.

6. You may navigate to “Configuration” and “Cluster” on the primary node, then click “UPGRADE CLUSTER” and choose an upgrade file..

7.Click “UPGRADE

8.Click “ACCEPT“.

This image has an empty alt attribute; its file name is Screen-Shot-2566-09-05-at-13.05.09-1024x875.png

9.Upgrade Log Insight is now progress. (Do not refresh or leave this page)

10.One node of the VMware Aria Operations for Logs cluster has been successfully upgraded.

11.Log in to VMware Aria Operations for Logs master node to verify upgrade status.

  • Node 1 has been completed.
  • Node 2 has been completed.
  • Node 3 has been completed.

12.VMware Aria Operations for Logs has been updated successfully

13.Log in to VMware Aria Operations to verify the version.

14.Check the dashboard and additional integrations.

Reference

https://www.vmware.com/security/advisories/VMSA-2023-0007.html

https://docs.vmware.com/en/VMware-Aria-Operations-for-Logs/8.12/rn/vmware-aria-operations-for-logs-812-release-notes/index.html

https://blogs.vmware.com/management/2023/04/whats-new-in-aria-operations-for-logs-8-12.html

Upgrade VMware vRealize Log Insight (vRLI) to 8.6.2 using vRSLCM 8.6.2

By Lerpong Intaraworrapath | 21st July 2022

This article will walk you through the process of upgrading VMware vRealize Log Insight (vRLI) from 8.4.0 to 8.6.2 using VMware vRealize Suite Lifecycle Manager (vRSLCM) version 8.6.2.

The current version of VMware vRealize Login Insight is 8.4.0-17828109.

3 vRealize Login Insights clusters have been configured in the environment.

STEP – How to upgrade VMware vRealize Log Insight (vRLI) to 8.6.2 by vRSLCM 8.6.2

Check and ADD Product version

1.Login to vRealize Suite Lifecycle Manager (vRSLCM) 8.6.2.

2.Navigate to “Binary Mapping” to upgrade the file for VMware vRealize Log Insight 8.6.2.

3.Click “ADD BINARIES” to get the most recent product version that supports vRSLCM 8.6.2.

4.Select “My VMware” and then click “DISCOVER“.

5.vRSLCM will find vRealize suite products supported by vRSLCM 8.6.2 by utilizing My VMware as configured.

6.Search for VMware vRealize Log Insight product upgrade and tick the box, then click “ADD“.

7. Click to check request status

8.Waiting for the status to change to “Completed“.

Upgrade VMware vRealize Log Insight to 8.6.2

1.Navigate to the environment you wish to upgrade, click “VIEW DETAILS“.

2.The details of vRealize Log Insight will be shown in the image below.

3.Before upgrading, we must sync the vRLI system with the vRSLCM. To do so, click the 3 dots () and then select “Trigger Inventory Sync“.

4.Click the “SUBMIT” button.

5.You will monitor the inventory sync progress at each stage and wait until the sync is complete.

6.After the inventory sync is complete, browse to the environment where vRealize Log Insight is deployed and select “UPGRADE“.

7.If the product’s inventory is already synced, we can proceed to upgrade; otherwise, we recommend clicking trigger inventory sync before proceeding.

8.The target product version 8.6.2 will be shown; click “NEXT“.

9.Check the box to take a snapshot, then click “NEXT”.

10.Pre-check for data validations prior to execution.

11.The status of vRealize Log Insight data validations is indicated below (if status show warning, we recommend to solve the issues before proceed to upgrade). We could collect the pre-check report.

12.Before proceeding with the update, review the information below and click “SUBMIT.”

13.You will notice each stage of vRLI upgrade and wait till it is completed.

14.Upgrade completed successfully.

vRealize Log Insight version 8.6.2-19092412

Check the vRLI version in vRSLCM.

Conclusion

VMware vRealize Suite Lifecycle Manager (vRSLCM) simplifies the deployment, patching, and upgrade process by performing automatic pre-checks and validation on vRealize Suite components.
Upgrading VMware vRealize Log Insight (vRLI) to the current version can assist you in resolving known issues, fixing bugs, and providing security in your environment.