Introduction \r\n \r\n Log4Shell (CVE-2021-44228) is a remote code execution (RCE) vulnerability in the Apache-foundation open-source logging library Log4j. It was published on December 9, 2021, and then all hell broke loose. As Log4j is a common logging library for Java applications, it is highly widespread.  \r\n At Guardicore (now part of Akamai), we aim to make sure our customers are as secure as possible, so we boarded the steam wagon of Log4j detection. We wanted to make sure we can help our customers map all their vulnerable servers and offer them a segmentation solution to limit the impact radius of any possible exploitation. As Akamai Guardicore is a network segmentation solution, we have strong visibility into the data center’s network traffic. For host-based information, we have Guardicore Insight — an integration with OSQuery, an open-source program to allow SQLite-like querying of various OS information. Armed with this, we started our journey.…