return error codes - Githubissues

mergebase / log4j-detector

A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC

Other

638 stars 98 forks source link

return error codes #5

Closed eingemaischt closed 2 years ago

eingemaischt commented 2 years ago

Could you return an error count if you find a vulnerability?

For example 1 for warnings (e.g. if a version 1 was found) and 2 for a vulnerable log4j2 would be great to directly include it as icinga/nagios-Check ;-)

(BTW: Thank you for your great work!)

juliusmusseau commented 2 years ago

Done ! Great idea !

p.s. Thanks for your kind words - very appreciated.

(Note: we currently don't detect Log4J 1.2.x, but plan to add that tomorrow).