log4shell-tool VS PowerShellSnippets

Start with confirming that an incident took place. My five-minute understanding of Datto's ComStore log4shell tool is that it does two things:

For an in-depth explanation of what variables are required, please check the 'Usage' section of the readme viewable at https://github.com/datto/log4shell-tool. This explains the three variables that need to be set and what values to set them to.

So if for whatever reason you can't get the dba tools to work (it looks like there is a viable answer above), you can always use scripting options with the script method to script out database objects, via SMO. I have a sample script here which is a bit different from what you've asked for, but shows the fundamentals of what you might want to do.

Not that messy! I added a link to this thread and direct to the github link from my README on my scanner utility repo. When I get a chance I may borrow this and updated it to use the same remote methods I used in the last script, but read the file/computer list from my generated CSV - that way people can clean up the CSV for their particular targets, and push an update with this script. Nice work!

The issue with searching for log4j*.jar is that you miss out on bundled jars which have different filenames hashes. It might be a better approach to search for all jar files and look inside if there is a jndilookup.class mentioned. This might add some false positives - but this is imho better than false negatives. Here is a powershell script which implements that approach: https://github.com/omrsafetyo/PowerShellSnippets/blob/master/Invoke-Log4ShellScan.ps1