This python script downloads a public CSV file filled with IPs of bad actors that are trying to abuse the Log4j vulnerability. Then it uses the vRealize Network Insight APIs to check whether any connection attempts have been made in the network that vRNI monitors.
CSV file with IPs: https://gist.github.com/blotus/f87ed46718bfdc634c9081110d243166
- Tested with python3
- vRealize Network Insight Python SDK
- Run
pip3 install -r requirements.txt
to install any requirements you might not have
This is how to run the script:
# export PYTHONPATH=/your/path/tp/network-insight-sdk-python/swagger_client-py2.7.egg
# python3 vrni-log4j-flow-check.py --platform_ip pre-ga.vrni.cmbu.local --username toolkit@local.com --password $VRNI_PW
If you are running this on the vRealize Network Insight Toolkit, the Python SDK and PYTHONPATH will already be set: all you have to do is download the script onto the Toolkit and run it using above command.