type=SYSCALL msg=audit(1724076881.293:4522): arch=c000003e syscall=42 success=yes exit=0 a0=4 a1=7ff808e23354 a2=10 a3=7ffe3ed547e4 items=0 ppid=1021 pid=1703 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="route" exe="/usr/sbin/route" subj=unconfined key="network_connect_4"ARCH=x86_64 SYSCALL=connect AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076881.293:4521): arch=c000003e syscall=41 success=yes exit=4 a0=2 a1=80802 a2=0 a3=7ffe3ed54998 items=0 ppid=1021 pid=1703 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="route" exe="/usr/sbin/route" subj=unconfined key="network_socket_created"ARCH=x86_64 SYSCALL=socket AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076881.293:4520): arch=c000003e syscall=42 success=yes exit=0 a0=4 a1=7ff808e23354 a2=10 a3=7ffe3ed547d4 items=0 ppid=1021 pid=1703 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="route" exe="/usr/sbin/route" subj=unconfined key="network_connect_4"ARCH=x86_64 SYSCALL=connect AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076881.293:4519): arch=c000003e syscall=41 success=yes exit=4 a0=2 a1=80802 a2=0 a3=7ffe3ed54988 items=0 ppid=1021 pid=1703 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="route" exe="/usr/sbin/route" subj=unconfined key="network_socket_created"ARCH=x86_64 SYSCALL=socket AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076876.017:4518): arch=c000003e syscall=59 success=yes exit=0 a0=56476fd6a8b0 a1=56476fda64f0 a2=56476fd86dc0 a3=8 items=2 ppid=1021 pid=1699 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=unconfined key="sbin_susp"ARCH=x86_64 SYSCALL=execve AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076870.076:4513): arch=c000003e syscall=59 success=yes exit=0 a0=56476fdab800 a1=56476fbf7330 a2=56476fd86dc0 a3=8 items=3 ppid=1021 pid=1698 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="ufw" exe="/usr/bin/python3.10" subj=unconfined key="sbin_susp"ARCH=x86_64 SYSCALL=execve AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076865.304:4508): arch=c000003e syscall=42 success=yes exit=0 a0=4 a1=7f44a9623354 a2=10 a3=7ffc661d2ec4 items=0 ppid=1021 pid=1697 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="netstat" exe="/usr/bin/netstat" subj=unconfined key="network_connect_4"ARCH=x86_64 SYSCALL=connect AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076865.304:4507): arch=c000003e syscall=41 success=yes exit=4 a0=2 a1=80802 a2=0 a3=7ffc661d3078 items=0 ppid=1021 pid=1697 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="netstat" exe="/usr/bin/netstat" subj=unconfined key="network_socket_created"ARCH=x86_64 SYSCALL=socket AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076865.304:4506): arch=c000003e syscall=42 success=yes exit=0 a0=4 a1=7f44a9623354 a2=10 a3=7ffc661d2ec4 items=0 ppid=1021 pid=1697 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="netstat" exe="/usr/bin/netstat" subj=unconfined key="network_connect_4"ARCH=x86_64 SYSCALL=connect AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076865.304:4505): arch=c000003e syscall=41 success=yes exit=4 a0=2 a1=80802 a2=0 a3=7ffc661d3078 items=0 ppid=1021 pid=1697 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="netstat" exe="/usr/bin/netstat" subj=unconfined key="network_socket_created"ARCH=x86_64 SYSCALL=socket AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076865.300:4502): arch=c000003e syscall=42 success=yes exit=0 a0=4 a1=7f44a9623354 a2=10 a3=7ffc661d2ec4 items=0 ppid=1021 pid=1697 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="netstat" exe="/usr/bin/netstat" subj=unconfined key="network_connect_4"ARCH=x86_64 SYSCALL=connect AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076865.300:4501): arch=c000003e syscall=41 success=yes exit=4 a0=2 a1=80802 a2=0 a3=7ffc661d3078 items=0 ppid=1021 pid=1697 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="netstat" exe="/usr/bin/netstat" subj=unconfined key="network_socket_created"ARCH=x86_64 SYSCALL=socket AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076865.272:4496): arch=c000003e syscall=42 success=yes exit=0 a0=4 a1=7f44a9623354 a2=10 a3=7ffc661d2ec4 items=0 ppid=1021 pid=1697 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="netstat" exe="/usr/bin/netstat" subj=unconfined key="network_connect_4"ARCH=x86_64 SYSCALL=connect AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076865.272:4495): arch=c000003e syscall=41 success=yes exit=4 a0=2 a1=80802 a2=0 a3=7ffc661d3078 items=0 ppid=1021 pid=1697 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="netstat" exe="/usr/bin/netstat" subj=unconfined key="network_socket_created"ARCH=x86_64 SYSCALL=socket AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076865.260:4492): arch=c000003e syscall=42 success=yes exit=0 a0=4 a1=7f44a9623354 a2=10 a3=7ffc661d2ec4 items=0 ppid=1021 pid=1697 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="netstat" exe="/usr/bin/netstat" subj=unconfined key="network_connect_4"ARCH=x86_64 SYSCALL=connect AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076865.260:4491): arch=c000003e syscall=41 success=yes exit=4 a0=2 a1=80802 a2=0 a3=7ffc661d3078 items=0 ppid=1021 pid=1697 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="netstat" exe="/usr/bin/netstat" subj=unconfined key="network_socket_created"ARCH=x86_64 SYSCALL=socket AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076865.256:4490): arch=c000003e syscall=59 success=yes exit=0 a0=56476fd88350 a1=56476fd667d0 a2=56476fd86dc0 a3=8 items=2 ppid=1021 pid=1697 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="netstat" exe="/usr/bin/netstat" subj=unconfined key="susp_activity"ARCH=x86_64 SYSCALL=execve AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076859.544:4489): arch=c000003e syscall=41 success=yes exit=5 a0=a a1=2 a2=0 a3=7fdbb29beac0 items=0 ppid=1021 pid=1695 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="ifconfig" exe="/usr/sbin/ifconfig" subj=unconfined key="network_socket_created"ARCH=x86_64 SYSCALL=socket AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076859.544:4488): arch=c000003e syscall=41 success=yes exit=4 a0=2 a1=2 a2=0 a3=7fdbb29beac0 items=0 ppid=1021 pid=1695 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="ifconfig" exe="/usr/sbin/ifconfig" subj=unconfined key="network_socket_created"ARCH=x86_64 SYSCALL=socket AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076859.544:4487): arch=c000003e syscall=59 success=yes exit=0 a0=56476fcded50 a1=56476fd508b0 a2=56476fd86dc0 a3=8 items=2 ppid=1021 pid=1695 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="ifconfig" exe="/usr/sbin/ifconfig" subj=unconfined key="sbin_susp"ARCH=x86_64 SYSCALL=execve AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076855.192:4479): arch=c000003e syscall=42 success=yes exit=0 a0=5 a1=7f94ae223354 a2=10 a3=7ffd986418d4 items=0 ppid=1021 pid=1694 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="arp" exe="/usr/sbin/arp" subj=unconfined key="network_connect_4"ARCH=x86_64 SYSCALL=connect AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076855.192:4478): arch=c000003e syscall=41 success=yes exit=5 a0=2 a1=80802 a2=0 a3=7ffd98641a88 items=0 ppid=1021 pid=1694 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="arp" exe="/usr/sbin/arp" subj=unconfined key="network_socket_created"ARCH=x86_64 SYSCALL=socket AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076855.188:4475): arch=c000003e syscall=42 success=yes exit=0 a0=5 a1=7f94ae223354 a2=10 a3=7ffd986418d4 items=0 ppid=1021 pid=1694 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="arp" exe="/usr/sbin/arp" subj=unconfined key="network_connect_4"ARCH=x86_64 SYSCALL=connect AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076855.188:4474): arch=c000003e syscall=41 success=yes exit=5 a0=2 a1=80802 a2=0 a3=7ffd98641a88 items=0 ppid=1021 pid=1694 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="arp" exe="/usr/sbin/arp" subj=unconfined key="network_socket_created"ARCH=x86_64 SYSCALL=socket AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"
type=SYSCALL msg=audit(1724076855.188:4473): arch=c000003e syscall=41 success=yes exit=3 a0=2 a1=2 a2=0 a3=55f172bc306d items=0 ppid=1021 pid=1694 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="arp" exe="/usr/sbin/arp" subj=unconfined key="network_socket_created"ARCH=x86_64 SYSCALL=socket AUID="ubuntu" UID="ubuntu" GID="ubuntu" EUID="ubuntu" SUID="ubuntu" FSUID="ubuntu" EGID="ubuntu" SGID="ubuntu" FSGID="ubuntu"