To fix log 4j vulnerability , I upgraded the streamsets version from streamsets/datacollector:3.18.1 to streamsets/datacollector:4.2.0. After that, I am not able to create a new /import pipeline. User Interface asks me to connect to control hub or enter activation code which was not the case in version 3.18.1.
Best answer by samView original
As of version 4.0, StreamSets Data Collector is not open source, so you will need to use Control Hub if you are not an enterprise customer.
To fix the log4j vulnerability without upgrading to 4.2.0, see the instructions on replacing the vulnerability using a provided script: