So, I followed the directions here "Move the downloaded jar files to <Installation dir>/elasticsearch/ES/lib"
My Nessus vulnerability scanner sees old Log4j files here - C:\ManageEngine\Log360\lib\log4j-1.2.15.jar
and also here
C:\ManageEngine\EventLog Analyzer\lib\log4j-1.2.17.jar
C:\ManageEngine\ADAudit Plus\lib\log4j-1.2.15.jar
Is it safe to delete these files??