I have a Windows Server 2012 R2 machine. What is the best way to search for log4j. Is it enough with a simple file search or can these files be used from inside a container. I have done a file search like this in power shell
Get-childitem -Path c:\ -Include log4j*.jar -File -Recurse -ErrorAction SilentlyContinue | select Lastwritetime, directory, name | export-csv -append -notypeinformation c.csv
Best Answer
That is definitely insufficient. You need something to open up war/jar/etc files and inspect inside there. Further, depending on the filename to match isn't guaranteed to work. Finally, you're not checking on the version with that, so you'd also need to determine if you're running a vulnerable version.
This page has a link to a github project that does claim to do these things.