I've created a Log4j blog post containing much of the information that has become available around this vulnerability.
We created two rudimentary reports, one based on software publishers and one based on event logs. However, I presume most people will be able to use the default reports like software installed, services installed, and processes running better on an individual basis depending on which services/software are used within their environment.
You can read more about the log4j vulnerability here.