log4j remediation tasks

First step is to find out whether the system in question actually has any software installed that uses the Apache logging modules.  If not, call it a day and have a well-deserved beer.

You should apply various principles that can minimize the potential for damage even before a vulnerability such as Log4J is known. These include:

• implementing multiple layers of defense
• minimizing permissions to only permitted users
• maintaining a stance of (SbD) Security by Default

In the case of Log4J, effective security monitoring and intrusion detection, and prevention help detect a breach before the vulnerability is made public. 
https://www.trendmicro.com/en_us/research/21/l/log4j.html
https://www.revenera.com/sites/default/files/sca_apache-log4j-security-vulnerability-steps-to-tackle.pdf
https://www.microsoft.com/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation/
https://www.picussecurity.com/resource/blog/4-step-immediate-mitigation-for-log4j-attacks-log4shell

This is likely the best place to start CVE 2021-44228

SonicWall continues to send out patches that caused issues as I write this, got one this morning. I would definitely make sure your firewall is not compromised. 

CIS has a reasonable workflow at high level.

https://www.cisecurity.org/log4j-zero-day-vulnerability-response/

The MS-ISAC created this flow chart for members and others to follow for identifying and mitigating risk related to this vulnerability:
Note: Appendices are available below this graphic.