I have received the latest bulletins indicating APM 10.7 and its agents aren't impacted by log4j.

However, we are getting some pushback from the teams supporting the agents.  They are curious if they can delete the log4j classes for the 9.7.1.16 agent. They would be more comfortable removing them.

Release : 10.7.0

Component : Introscope

The problematic class files are not packaged. So there would be nothing for the user to remove.  Thus, the vulnerability does not exist in 10.7 and its agents including earlier versions.