Wrote a utility that scans all EC2 instances in a region and determines whether they have a version of log4j that is vulnerable to CVE-2021-44228. It does this without modifying the instance or its filesystem, and does so in parallel over ssh.