For Windows Computers

log4j2-scan --all-drives


  • In MEMCM, run the following script against a client or client collection: MSB - LOG4J Scanner - Web Download
  • For clients on campus that cannot reach the Internet run this instead: MSB - LOG4J Scanner - SCCM Share
  • Among other things, these will create the following CSV report that can be reviewed by the end user: C:\Temp\log4j.csv

For Macintosh Computers

Native Mac OS Version

There is a native Mac OS version of the scanner, but it will require you to modify the security settings on your Mac to run it.

log4j2-scan /

Java Version

If you are unable to follow the above instructions to run the native MacOS version you can also use the Java version of the app.

java -jar logpresso-log4j2-scan-2.7.1.jar /

What to do if the scan finds vulnerable log4j files

If you find a vulnerable file, take one the following steps below if you can.

If you don't need an application that uses a vulnerable log4j file . . .

If you need to keep that application . . .

Your scan will probably find vulnerable files in a directory called 'CrashPlan' or 'Code42'. This is UTBackup, which should update automatically. You can disregard this in your scan results for now as long as they report log4j2 version 2.16 or higher.

UT recommendations regarding some products that may show up as vulnerable in your scan

Vendor recommendations regarding some products that may show up as vulnerable in your scan

Third party recommendations regarding some products that may show up as vulnerable in your scan