IBM Support

QRadar: Applications, CentOS 6, and Python 2 End Of Support

News


Abstract

This technical note outlines application changes for QRadar administrators and developers in upcoming software releases. If you are an administrator or application developer, this article outlines end of support for Python 2 and changes for CentOS and Red Hat versions for QRadar applications.

Content

 

Apps, CentOS 6, and Python 2 End Of Support

The Python Software Foundation stopped community support for Python 2 on 30 November 2020. Red Hat® continued providing support for Python 2 modules packaged with Red Hat® 6 until its end of support for Red Hat 6. QRadar apps running on CentOS 6 are considered End Of Support on 26 November 2020.

For more information, see:

Update: On 14 December 2021, administrators were advised to upgrade or disable CentOS6 based applications to the UBI version per Security Bulletin: IBM QRadar SIEM Application Framework v1 (CentOS6) is End of Life. A technical note is available to inform administrators how to upgrade, disable, or prevent CentOS6 applications from installing in QRadar appliances. For more information, see Notice: CentOS6 applications and mitigation for CVEs.

In QRadar versions 7.3.3 fix pack 6, 7.4.1 fix pack 2, and 7.4.2 or later, the runtime is upgraded to be able to run apps that use either CentOS 6 or Red Hat® UBI 8 (Universal Base Image). Administrators must be aware that security issues exist on CentOS6-based applications, even though the application framework can run both CentOS6 and Universal Base Image applications. The Red Hat® UBI 8 includes default Python 3 support and is the new standard for QRadar application development going forward. This technical note explains how different QRadar users can be affected by this change.
 

QRadar Administrators

Administrators are encouraged to manage their apps with the QRadar Assistant app. The QRadar Assistant app can automatically display and update apps to the most recent and compatible version to your QRadar Console. We encourage QRadar Administrators to plan upgrades to QRadar to 7.3.3 fix pack 6, 7.4.1 fix pack 2, or 7.4.2 and later to get security updates for applications built with application framework v2.

Use the QRadar Assistant to keep applications updated for your users:

Get the QRadar Assistant App Configure the QRadar Assistant App Manage and update QRadar applications

App Developers

QRadar app developers are invited to refer to the development guides on how to port their app from Python 2 to Python 3, as well as migrate it from a CentOS 6 to Red Hat UBI 8 base image.  Application migration for framework changes is a straightforward process and developers can find the migration guide here.
 
Updates to existing CentOS 6 based apps will be accepted until 31 March 2021 after which no more CentOS 6 based apps will be accepted in validation. Until then developers are encouraged to publish apps that use the UBI 8 base image.

App developers can publish two separate listings of their apps on the X-Force® App Exchange that use both platforms to continue publishing new features to CentOS 6 compatible versions of your QRadar application until the 31 March 2021.
 

Red Hat®, JBoss®, OpenShift®, Fedora®, Hibernate®, Ansible®, CloudForms®, RHCA®, RHCE®, RHCSA®, Ceph®, and Gluster® are trademarks or registered trademarks of Red Hat, Inc. or its subsidiaries in the United States and other countries.

[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwt3AAA","label":"QRadar Apps"}],"ARM Case Number":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"7.3.3;7.4.1;7.4.2"}]

Document Information

Modified date:
25 July 2022

UID

ibm16356547