EventSentry is not affected by the Log4Shell.
See below for a list of all EventSentry components:
EventSentry Agent: Does not use Log4j, not vulnerable
EventSentry Heartbeat Agent: Does not use Log4j, not vulnerable
EventSentry Network Services: Does not use Log4j, not vulnerable
EventSentry Web Reports: Uses Log4j, however does not use affected versions
Built-In PostgreSQL Database: Does not use Log4j, not vulnerable
CVE-2021-44228 affects Log4j between versions 2.0-beta-9 and 2.14.1.
EventSentry is also not affected and does not meet the critieria outlined in the following vulnerabilities reported for log4j:
If you installed EventSentry 126.96.36.199 between December 18th and December 31st, your vulnerability scanners may detect that files from Log4j version 2.17.0 exist in your web reports folder. These files are not loaded or executed by EventSentry and cannot be actively exploited via the EventSentry Web Reports, but it is a good idea to download and install the January 1st updated version of the 188.8.131.52 web reports installer [ FROM HERE ] so that you can have Log4j version 2.17.1 or newer.