Light weight active log4j use detection

Longtime community member @strawgate has published BigFix content that takes a novel approach to detecting vulnerable Log4j libraries that are in active-use. This is a much less resource-intensive approach than full filesystem scans. While this does not remove the need for full system scans, this approach appears to be light enough to watch the running system over time with much less resource impact to the system.

The same caveats as earlier apply - this is not BigFix-managed content, etc.

We are linking with our thanks to his content at the following location:

For discussion on this method, please see the following forum thread: