Thanks for clarification on that. I am seeing results now from my Linux systems with some unbelievable elapsed times. Which seems to be more a product of the scanner itself vs the bigfix content. But is it really that quick? Here is the output from 2 linux systems one with affected files the other without.
Server 1:
File reads:
Logpresso CVE-2021-44228 Vulnerability Scanner 1.7.0 (2021-12-17)
Scanning directory: / (without /cdrom, /dev, /mnt, /proc, /sys, /sys/fs/cgroup/blkio, /sys/fs/cgroup/cpu,cpuacct, /sys/fs/cgroup/cpuset, /sys/fs/cgroup/devices, /sys/fs/cgroup/freezer, /sys/fs/cgroup/memory, /sys/fs/cgroup/net_cls,net_prio, /sys/fs/cgroup/perf_event, /sys/fs/cgroup/pids, /sys/fs/cgroup/rdma, /sys/fs/cgroup/systemd, /sys/fs/cgroup/unified, /dev, /run, /dev/shm, /run/lock, /sys/fs/cgroup)
Scanned 21397 directories and 175881 files
Found 0 vulnerable files
Found 0 potentially vulnerable files
Found 0 mitigated files
Completed in 1.26 seconds
Property Result = <none>
Server 2:
File Reads:
Logpresso CVE-2021-44228 Vulnerability Scanner 1.7.0 (2021-12-17)
Scanning directory: / (without /cdrom, /dev, /mnt, /proc, /sys, /sys/fs/cgroup/blkio, /sys/fs/cgroup/cpu,cpuacct, /sys/fs/cgroup/cpuset, /sys/fs/cgroup/devices, /sys/fs/cgroup/freezer, /sys/fs/cgroup/memory, /sys/fs/cgroup/net_cls,net_prio, /sys/fs/cgroup/perf_event, /sys/fs/cgroup/pids, /sys/fs/cgroup/rdma, /sys/fs/cgroup/systemd, /sys/fs/cgroup/unified, /dev, /run, /dev/shm, /run/lock, /sys/fs/cgroup)
[] Found CVE-2021-44228 vulnerability in /usr/share/elasticsearch/lib/log4j-core-2.11.1.jar, log4j 2.11.1
[] Found CVE-2021-44228 vulnerability in /usr/share/elasticsearch/bin/elasticsearch-sql-cli-7.9.1.jar, log4j 2.11.1
Scanned 7691 directories and 83105 files
Found 2 vulnerable files
Found 0 potentially vulnerable files
Found 0 mitigated files
Completed in 0.62 seconds
Property Result=
/usr/share/elasticsearch/lib/log4j-core-2.11.1.jar, log4j 2.11.1
/usr/share/elasticsearch/bin/elasticsearch-sql-cli-7.9.1.jar, log4j 2.11.1