Hi all,
Would anyone have ideas on how to search for the latest Log4j DoS exploit (example payload: "${${::-${::-$${::-j}}}}")? We are having trouble escaping the characters in a KQL search; however, we are open to an EQL search across all indices as well, if that would work better.
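
An added example, not part of the original post: a Python triage filter for exported log lines that flags the nested `${::-` structure of the payload quoted above instead of matching the exact string, so it also catches URL-encoded copies. The function names, the depth threshold and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# "${::-" opens a lookup with an empty key and a default value, the building
# block repeated in the payload from the post.
EMPTY_KEY_LOOKUP = re.compile(r"\$\{\s*::-")


def max_lookup_depth(text: str) -> int:
    """Return the deepest nesting level of ${ ... } expressions in text."""
    depth = deepest = 0
    i = 0
    while i < len(text):
        if text.startswith("${", i):
            depth += 1
            deepest = max(deepest, depth)
            i += 2
        elif text[i] == "}" and depth > 0:
            depth -= 1
            i += 1
        else:
            i += 1  # ordinary character, or a stray "}" outside any lookup
    return deepest


def classify(line: str, depth_threshold: int = 2) -> dict:
    """Score one log line; depth_threshold is an assumed tuning value."""
    decoded = unquote(line)  # access logs often hold %24%7B instead of ${
    depth = max_lookup_depth(decoded)
    empty_keys = len(EMPTY_KEY_LOOKUP.findall(decoded))
    return {
        "depth": depth,
        "empty_key_lookups": empty_keys,
        # Nested lookups that also use the empty-key form are the signal.
        "suspicious": depth >= depth_threshold and empty_keys > 0,
    }


# Constructed sample lines: the payload from the post, a URL-encoded copy,
# and two benign lines that contain ordinary ${...} text.
SAMPLES = [
    'GET /search?q=${${::-${::-$${::-j}}}} HTTP/1.1',
    "GET /search?q=%24%7B%24%7B%3A%3A-%24%7B%3A%3A-%24%24%7B%3A%3A-j%7D%7D%7D%7D HTTP/1.1",
    "template rendered path=/home/${USER}/report.txt",
    "config value ${env:HOME:-${sys:user.home}} resolved",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify(sample), sample)
```

Running the same logic over an export avoids query-language escaping entirely; lines it flags can then be pivoted on by timestamp and source in the search UI.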