Hi Wim,
Thank you very much for your inquiry!
No worries, since we do not use log4j at all, the attack that targets it won't show effect.
I appreciate it a lot if potential issues are discussed in advance.
In this case it turns out to be false alert, but it could have been otherwise.
And I'd rather look at 500 false positives than to miss a real issue.
Thank you,
Ronald