Yang, BongYeol (xeraph)
@mrl-siemens Send me a pull request. I think it already states directory like this: ``` --exclude [path_prefix] Full paths of ***directories*** whose absolute path starts with the specified value will be...
@thl-cmk @mrl-siemens Would you test the v2.7.0 release? You can use the `--exclude-file-config` option to specify the exclude file path list.
@jvirot You should use the latest version (v2.6.2). The `--syslog-udp` option has been supported since v2.5.0.
@jvirot Would you open a new enhancement issue?
@jvirot The scanner doesn't send any report if no vulnerable log4j is found (it's normal). You cannot send syslog for 0 vulnerabilities, thus it needs a new issue.
Check outgoing syslog packets using Wireshark first. ICMP responses can be filtered when you are checking a UDP port using portqry.
@jvirot My test output on v2.6.3 (expected output) ``` D:\github\CVE-2021-44228-Scanner>log4j2-scan --syslog-udp 104.21.94.49:5544 --syslog-level alert --scan-log4j1 --scan-logback d:\tmp\verify Logpresso CVE-2021-44228 Vulnerability Scanner 2.6.3 (2021-12-27) Scanning directory: d:\tmp\verify [?] Found CVE-2021-4104 (log4j...
@jvirot Finally, you did it! Maybe the last screenshot means unexpected syslog drops. Some open source daemons cannot receive all syslog packets due to garbage collection stall. If you have more...
@jamesdpatterson Would you test the v2.8.0 release?
@bonsei0 Thank you for the detailed report. However, the scanner presents only a representative CVE code for simplicity. Since log4j1 has multiple vulnerabilities, it is quite difficult to read scan report if scanner...