11241100x800000000000000080138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.675a2b69279d41882021-12-17 11:27:59.058root 11241100x800000000000000080139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.857aa551d50f05752021-12-17 11:27:59.058root 11241100x800000000000000080140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd6b45ef1c08ad632021-12-17 11:27:59.058root 11241100x800000000000000080141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1261790a09cba582021-12-17 11:27:59.058root 11241100x800000000000000080142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3ee20824568c8482021-12-17 11:27:59.058root 11241100x800000000000000080143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5795a178dd6a3812021-12-17 11:27:59.058root 11241100x800000000000000080144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01aba9940de5332b2021-12-17 11:27:59.059root 11241100x800000000000000080145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67fadb7fca1b57cb2021-12-17 11:27:59.059root 11241100x800000000000000080146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8acf1a823f8ac8d02021-12-17 11:27:59.059root 11241100x800000000000000080147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0129890c4b9c88552021-12-17 11:27:59.059root 11241100x800000000000000080148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b3e0364acf6716c2021-12-17 11:27:59.059root 11241100x800000000000000080149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27d3ed6550bbde9f2021-12-17 11:27:59.059root 11241100x800000000000000080150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.047750f9280473052021-12-17 11:27:59.059root 11241100x800000000000000080151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ada7adadfb6529c2021-12-17 11:27:59.059root 11241100x800000000000000080152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da093d91045e2bd02021-12-17 11:27:59.059root 11241100x800000000000000080153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fd208df5da9e08c2021-12-17 11:27:59.059root 11241100x800000000000000080154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52ebb794f87f47a92021-12-17 11:27:59.059root 11241100x800000000000000080155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d349a31741ba2db2021-12-17 11:27:59.059root 11241100x800000000000000080156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afa10dc9ebcb718d2021-12-17 11:27:59.059root 11241100x800000000000000080157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a3751fdc6a75a212021-12-17 11:27:59.059root 11241100x800000000000000080158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a609cebe2496fba2021-12-17 11:27:59.059root 11241100x800000000000000080159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.487ab73bded997dd2021-12-17 11:27:59.060root 11241100x800000000000000080160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dc223df62c603c02021-12-17 11:27:59.060root 11241100x800000000000000080161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50d55784aea8533c2021-12-17 11:27:59.060root 11241100x800000000000000080162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66246e25df1bcc222021-12-17 11:27:59.060root 11241100x800000000000000080163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ff9e99e4cb7f4e72021-12-17 11:27:59.060root 11241100x800000000000000080164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fb1248ffdbcf5c52021-12-17 11:27:59.060root 11241100x800000000000000080165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.614ba62ea076f5e22021-12-17 11:27:59.060root 11241100x800000000000000080166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4dd0184ff8c9c0792021-12-17 11:27:59.060root 11241100x800000000000000080167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa864884e4cfcb832021-12-17 11:27:59.060root 11241100x800000000000000080168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5539a8f453d11f512021-12-17 11:27:59.060root 11241100x800000000000000080169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32534d25419750cd2021-12-17 11:27:59.060root 11241100x800000000000000080170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6671d9e69fe404ef2021-12-17 11:27:59.060root 11241100x800000000000000080171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6be900ea89131e82021-12-17 11:27:59.060root 11241100x800000000000000080172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.719ed00d178d876c2021-12-17 11:27:59.060root 11241100x800000000000000080173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a111cd308de660c2021-12-17 11:27:59.061root 11241100x800000000000000080174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2639f4a167cd9cdc2021-12-17 11:27:59.061root 11241100x800000000000000080175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eab585944c5254f32021-12-17 11:27:59.061root 11241100x800000000000000080176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac2161cfc99466e02021-12-17 11:27:59.061root 11241100x800000000000000080177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.266a189a70e92bd52021-12-17 11:27:59.061root 11241100x800000000000000080178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc769346e3b259342021-12-17 11:27:59.061root 11241100x800000000000000080179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3c3d0fd9e2eb1892021-12-17 11:27:59.061root 11241100x800000000000000080180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6953ecb7bbbcb3bf2021-12-17 11:27:59.061root 11241100x800000000000000080181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc9d6d568c0781c62021-12-17 11:27:59.061root 11241100x800000000000000080182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94728dab5ee4c89b2021-12-17 11:27:59.061root 11241100x800000000000000080183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.890d55b996f91b302021-12-17 11:27:59.061root 11241100x800000000000000080184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bd9c50073f5e7882021-12-17 11:27:59.061root 11241100x800000000000000080185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe794253f5a75ee12021-12-17 11:27:59.558root 11241100x800000000000000080186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89a0754be07edf4f2021-12-17 11:27:59.558root 11241100x800000000000000080187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fae4347fd9e47e52021-12-17 11:27:59.558root 11241100x800000000000000080188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcc24f975ac043112021-12-17 11:27:59.558root 11241100x800000000000000080189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ced1c902902e2582021-12-17 11:27:59.558root 11241100x800000000000000080190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbbb3d1ee05cb9ef2021-12-17 11:27:59.559root 11241100x800000000000000080191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfb5e26fba1a7be82021-12-17 11:27:59.559root 11241100x800000000000000080192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f44dc45cea1cfa3a2021-12-17 11:27:59.559root 11241100x800000000000000080193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f81c3999c5af7dce2021-12-17 11:27:59.559root 11241100x800000000000000080194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.018b291f1411431c2021-12-17 11:27:59.559root 11241100x800000000000000080195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2330e09bd9ddb342021-12-17 11:27:59.559root 11241100x800000000000000080196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e398819f11f93b582021-12-17 11:27:59.559root 11241100x800000000000000080197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6d3ba2d6fff0b882021-12-17 11:27:59.559root 11241100x800000000000000080198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4fc73d1245e1ea42021-12-17 11:27:59.559root 11241100x800000000000000080199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e8e6f5f2a2178692021-12-17 11:27:59.559root 11241100x800000000000000080200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.028c4b7aa02b4e212021-12-17 11:27:59.559root 11241100x800000000000000080201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.753f34dba63b452d2021-12-17 11:27:59.559root 11241100x800000000000000080202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b3871ef869ba4372021-12-17 11:27:59.559root 11241100x800000000000000080203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4587a986638a4c142021-12-17 11:27:59.559root 11241100x800000000000000080204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5b57703730e150f2021-12-17 11:27:59.560root 11241100x800000000000000080205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.722e7625ce894af42021-12-17 11:27:59.560root 11241100x800000000000000080206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc60abeefeb549c02021-12-17 11:27:59.560root 11241100x800000000000000080207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a4acd2de80b69632021-12-17 11:27:59.560root 11241100x800000000000000080208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a299aa0b8a090ca42021-12-17 11:27:59.560root 11241100x800000000000000080209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34859df1b1cc14b12021-12-17 11:27:59.560root 11241100x800000000000000080210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9de24ac1c3977032021-12-17 11:27:59.560root 11241100x800000000000000080211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6452490712121f22021-12-17 11:27:59.560root 11241100x800000000000000080212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4ae5bed6fedac002021-12-17 11:27:59.560root 11241100x800000000000000080213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.823937d40c9ffb642021-12-17 11:27:59.560root 11241100x800000000000000080214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8357e4e3573538d92021-12-17 11:27:59.560root 11241100x800000000000000080215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.951279cfc080aaec2021-12-17 11:27:59.560root 11241100x800000000000000080216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57b09069cffc95292021-12-17 11:27:59.560root 11241100x800000000000000080217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4af5358658e6f4e82021-12-17 11:27:59.560root 11241100x800000000000000080218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d4db36c104f33492021-12-17 11:27:59.560root 11241100x800000000000000080219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84ff2482c4cc022e2021-12-17 11:27:59.561root 11241100x800000000000000080220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c942f232d1f0b762021-12-17 11:27:59.561root 11241100x800000000000000080221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b569916873d59df2021-12-17 11:27:59.561root 11241100x800000000000000080222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.589b6d9de9f363692021-12-17 11:27:59.561root 11241100x800000000000000080223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40379a2ef1a79c852021-12-17 11:27:59.561root 11241100x800000000000000080224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40c171bb80d5804a2021-12-17 11:27:59.561root 11241100x800000000000000080225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eee5d4fa05a5aacd2021-12-17 11:27:59.561root 11241100x800000000000000080226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.209ac2253076baaf2021-12-17 11:27:59.561root 11241100x800000000000000080227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.371aef5fde39049b2021-12-17 11:27:59.561root 11241100x800000000000000080228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4de8f8fb08d67fe42021-12-17 11:27:59.561root 11241100x800000000000000080229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f9563317754adb22021-12-17 11:27:59.561root 11241100x800000000000000080230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac3595105a2844682021-12-17 11:27:59.561root 11241100x800000000000000080231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f05f740cf1a945632021-12-17 11:27:59.561root 11241100x800000000000000080232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aec77713414a26aa2021-12-17 11:28:00.058root 11241100x800000000000000080233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65a73637d11903052021-12-17 11:28:00.058root 11241100x800000000000000080234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2a2a5eccef55a4a2021-12-17 11:28:00.058root 11241100x800000000000000080235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d1d044f7c39a4c12021-12-17 11:28:00.058root 11241100x800000000000000080236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dceb9630aeb38f12021-12-17 11:28:00.059root 11241100x800000000000000080237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.682f72df306589b02021-12-17 11:28:00.059root 11241100x800000000000000080238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc768bfb478126772021-12-17 11:28:00.059root 11241100x800000000000000080239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd23d0fb3f2c8a192021-12-17 11:28:00.059root 11241100x800000000000000080240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eaaec7822a4ffba2021-12-17 11:28:00.059root 11241100x800000000000000080241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbe990255c0221692021-12-17 11:28:00.059root 11241100x800000000000000080242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfa782fae5f196f82021-12-17 11:28:00.059root 11241100x800000000000000080243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5b36b0b872cd4672021-12-17 11:28:00.059root 11241100x800000000000000080244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e94ab83420739b02021-12-17 11:28:00.059root 11241100x800000000000000080245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be42ebefa87282672021-12-17 11:28:00.059root 11241100x800000000000000080246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2943b22c999ffd0a2021-12-17 11:28:00.059root 11241100x800000000000000080247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c0a8664e20d82e92021-12-17 11:28:00.059root 11241100x800000000000000080248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.130fb9d7a46348ba2021-12-17 11:28:00.059root 11241100x800000000000000080249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b83b3787849c9432021-12-17 11:28:00.059root 11241100x800000000000000080250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdab1259b51eb9072021-12-17 11:28:00.059root 11241100x800000000000000080251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72072ebc736a67372021-12-17 11:28:00.060root 11241100x800000000000000080252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffce7d640b8caf442021-12-17 11:28:00.060root 11241100x800000000000000080253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2ebce27f96529862021-12-17 11:28:00.060root 11241100x800000000000000080254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f868acf3eceaf3082021-12-17 11:28:00.060root 11241100x800000000000000080255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.292481c6463f34fc2021-12-17 11:28:00.060root 11241100x800000000000000080256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa34a73ae80d5cb82021-12-17 11:28:00.060root 11241100x800000000000000080257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f50f00b761b6dee22021-12-17 11:28:00.060root 11241100x800000000000000080258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8e09921e9c4072d2021-12-17 11:28:00.060root 11241100x800000000000000080259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a7721239a2a17b72021-12-17 11:28:00.060root 11241100x800000000000000080260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73ea30ca5af2fefa2021-12-17 11:28:00.060root 11241100x800000000000000080261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cd32c302c5ebdff2021-12-17 11:28:00.060root 11241100x800000000000000080262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3698a7c50858dc7b2021-12-17 11:28:00.060root 11241100x800000000000000080263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bea71d8330cf1a32021-12-17 11:28:00.060root 11241100x800000000000000080264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22851f37766e1e652021-12-17 11:28:00.060root 11241100x800000000000000080265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a41ac5135ebe72d2021-12-17 11:28:00.060root 11241100x800000000000000080266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fd97f10f13ebfcc2021-12-17 11:28:00.061root 11241100x800000000000000080267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8733a5367d35e1c92021-12-17 11:28:00.061root 11241100x800000000000000080268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be7cb29420f9c4472021-12-17 11:28:00.061root 11241100x800000000000000080269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f504ab8f0253f3522021-12-17 11:28:00.061root 11241100x800000000000000080270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3980d970862501b82021-12-17 11:28:00.061root 11241100x800000000000000080271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0df9cef74799ef1b2021-12-17 11:28:00.061root 11241100x800000000000000080272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f98be0dac78552f82021-12-17 11:28:00.061root 11241100x800000000000000080273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46c777466dd7a2762021-12-17 11:28:00.061root 11241100x800000000000000080274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dcc008683f432182021-12-17 11:28:00.061root 11241100x800000000000000080275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7943bb9488bf0cff2021-12-17 11:28:00.061root 11241100x800000000000000080276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50b6d457eb51125c2021-12-17 11:28:00.061root 11241100x800000000000000080277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6438f99326c6797f2021-12-17 11:28:00.062root 11241100x800000000000000080278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13f89aece6a4c7502021-12-17 11:28:00.062root 11241100x800000000000000080279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.187{ec28ba6a-709b-61bc-30d8-78dfe0550000}5175/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2021-12-17 11:28:00.187root 11241100x800000000000000080280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d659ee1e3d6e7e372021-12-17 11:28:00.558root 11241100x800000000000000080281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b199ba8e63226352021-12-17 11:28:00.558root 11241100x800000000000000080282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.083eb10b567cadd32021-12-17 11:28:00.559root 11241100x800000000000000080283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52abcf0a8facc4a42021-12-17 11:28:00.559root 11241100x800000000000000080284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03eb50ba8e8db50b2021-12-17 11:28:00.559root 11241100x800000000000000080285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78bd2463fd6706012021-12-17 11:28:00.559root 11241100x800000000000000080286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b60a4d12333c4972021-12-17 11:28:00.560root 11241100x800000000000000080287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9bdaae7ba7faaed2021-12-17 11:28:00.560root 11241100x800000000000000080288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61a51d69bd2e79832021-12-17 11:28:00.560root 11241100x800000000000000080289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cd637a02476c1f82021-12-17 11:28:00.560root 11241100x800000000000000080290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acfd4ae5153a73122021-12-17 11:28:00.560root 11241100x800000000000000080291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1683134f1ac2a9ce2021-12-17 11:28:00.560root 11241100x800000000000000080292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acdfbcdbc64795922021-12-17 11:28:00.560root 11241100x800000000000000080293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68c784657107ad842021-12-17 11:28:00.560root 11241100x800000000000000080294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cb436cad02373ea2021-12-17 11:28:00.560root 11241100x800000000000000080295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fafbd3c3d754c6752021-12-17 11:28:00.561root 11241100x800000000000000080296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ef49a0b746f1fc02021-12-17 11:28:00.561root 11241100x800000000000000080297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b68c82bdf93fdd572021-12-17 11:28:00.561root 11241100x800000000000000080298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53e85c546ab3fc4b2021-12-17 11:28:00.561root 11241100x800000000000000080299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00adcd932da1709e2021-12-17 11:28:00.561root 11241100x800000000000000080300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c41f11e5a9a684c82021-12-17 11:28:00.561root 11241100x800000000000000080301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a493ab59a81d3292021-12-17 11:28:00.561root 11241100x800000000000000080302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7f62d6b4aaca6bc2021-12-17 11:28:00.561root 11241100x800000000000000080303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e066be70579cf702021-12-17 11:28:00.561root 11241100x800000000000000080304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4698f7c0c1d699e72021-12-17 11:28:00.562root 11241100x800000000000000080305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b731d3370315e3102021-12-17 11:28:00.562root 11241100x800000000000000080306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8aebc4b3f1c7a4ce2021-12-17 11:28:00.562root 11241100x800000000000000080307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecafdf61500719832021-12-17 11:28:00.562root 11241100x800000000000000080308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e3a52567b8a145a2021-12-17 11:28:00.562root 11241100x800000000000000080309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.371bedab4fa8d28f2021-12-17 11:28:00.563root 11241100x800000000000000080310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28046d2e9804834d2021-12-17 11:28:00.563root 11241100x800000000000000080311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1bfc5796810daba2021-12-17 11:28:00.563root 11241100x800000000000000080312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdca75a04eceeea12021-12-17 11:28:00.563root 11241100x800000000000000080313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9126241394e6a5002021-12-17 11:28:00.563root 11241100x800000000000000080314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.151b19ed1fcf9ac92021-12-17 11:28:00.563root 11241100x800000000000000080315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aaea2660d67c5d892021-12-17 11:28:00.563root 11241100x800000000000000080316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75284e13474c21a62021-12-17 11:28:00.564root 11241100x800000000000000080317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ea8366470d522042021-12-17 11:28:00.564root 11241100x800000000000000080318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9e125351b9cb49b2021-12-17 11:28:00.564root 11241100x800000000000000080319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59a4bcd59116afc92021-12-17 11:28:00.564root 11241100x800000000000000080320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8f7350c9ac3cb472021-12-17 11:28:00.564root 11241100x800000000000000080321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95651c7def5a9f9a2021-12-17 11:28:00.564root 11241100x800000000000000080322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a68bdb3594b794f2021-12-17 11:28:00.564root 11241100x800000000000000080323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd642922979d8ea42021-12-17 11:28:00.565root 11241100x800000000000000080324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1db31c166ccec7aa2021-12-17 11:28:00.565root 11241100x800000000000000080325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a17fe6b4167b6c72021-12-17 11:28:00.565root 11241100x800000000000000080326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebe13eebe1bfc3d52021-12-17 11:28:00.565root 11241100x800000000000000080327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40af8bfe85996a132021-12-17 11:28:00.565root 11241100x800000000000000080328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a887a1c23e2cf6d2021-12-17 11:28:01.057root 11241100x800000000000000080329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c756d0bd25c4f6a2021-12-17 11:28:01.057root 11241100x800000000000000080330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f592cf28991fd9dd2021-12-17 11:28:01.057root 11241100x800000000000000080331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dba3d26def246952021-12-17 11:28:01.057root 11241100x800000000000000080332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4db28c7aa856f64f2021-12-17 11:28:01.057root 11241100x800000000000000080333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20ba7b168112b8f82021-12-17 11:28:01.057root 11241100x800000000000000080334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1604744e4263e3c2021-12-17 11:28:01.057root 11241100x800000000000000080335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e96009c8d7c5e4922021-12-17 11:28:01.057root 11241100x800000000000000080336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48f87b5e164faa872021-12-17 11:28:01.057root 11241100x800000000000000080337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7af523eff04f5e32021-12-17 11:28:01.058root 11241100x800000000000000080338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48c96e9209e653bc2021-12-17 11:28:01.058root 11241100x800000000000000080339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c21d9fdaf004a4fa2021-12-17 11:28:01.058root 11241100x800000000000000080340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aaa0c6f5e1f447922021-12-17 11:28:01.058root 11241100x800000000000000080341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7104b38b4bbd36e82021-12-17 11:28:01.058root 11241100x800000000000000080342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2ff1202c2ede4fe2021-12-17 11:28:01.058root 11241100x800000000000000080343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65bb8d25bb5eba362021-12-17 11:28:01.058root 11241100x800000000000000080344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f57288a5ecf9fcc2021-12-17 11:28:01.058root 11241100x800000000000000080345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9c4490110b4f2242021-12-17 11:28:01.058root 11241100x800000000000000080346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b947af80b34da2e52021-12-17 11:28:01.058root 11241100x800000000000000080347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0ce7d3f9f88fa7e2021-12-17 11:28:01.059root 11241100x800000000000000080348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b98d0cf6dcac1a72021-12-17 11:28:01.059root 11241100x800000000000000080349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f3cc0b520aa05ba2021-12-17 11:28:01.059root 11241100x800000000000000080350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15e4f67cddf74ec62021-12-17 11:28:01.059root 11241100x800000000000000080351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ef0fcb3a9832fbf2021-12-17 11:28:01.059root 11241100x800000000000000080352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b00f90a91f615152021-12-17 11:28:01.059root 11241100x800000000000000080353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac0c8ef9248aff8e2021-12-17 11:28:01.059root 11241100x800000000000000080354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e6b16c8794df73d2021-12-17 11:28:01.059root 11241100x800000000000000080355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd85ec0db7ed4bdc2021-12-17 11:28:01.059root 11241100x800000000000000080356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b954771dc6ef73a42021-12-17 11:28:01.060root 11241100x800000000000000080357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcf1e800793667402021-12-17 11:28:01.060root 11241100x800000000000000080358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47a9efc866ededfb2021-12-17 11:28:01.060root 11241100x800000000000000080359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.980923a0915a42192021-12-17 11:28:01.060root 11241100x800000000000000080360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfcb4478202215792021-12-17 11:28:01.060root 11241100x800000000000000080361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7853a6233a2d9d122021-12-17 11:28:01.060root 11241100x800000000000000080362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49d57e773dcfa7a22021-12-17 11:28:01.060root 11241100x800000000000000080363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76b50155b867d3ad2021-12-17 11:28:01.060root 11241100x800000000000000080364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3f6d080d8cf15eb2021-12-17 11:28:01.060root 11241100x800000000000000080365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b3d3fefd789b0722021-12-17 11:28:01.060root 11241100x800000000000000080366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3c585e92a911e482021-12-17 11:28:01.060root 11241100x800000000000000080367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f52910eabbd3710c2021-12-17 11:28:01.061root 11241100x800000000000000080368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79438e168d4baca72021-12-17 11:28:01.061root 11241100x800000000000000080369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c7603b4765b65d22021-12-17 11:28:01.061root 11241100x800000000000000080370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f36695e85c0dc2eb2021-12-17 11:28:01.061root 11241100x800000000000000080371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06425bfb178a08a92021-12-17 11:28:01.062root 11241100x800000000000000080372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d29560c973583bf92021-12-17 11:28:01.062root 11241100x800000000000000080373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a986fc26479f3dd2021-12-17 11:28:01.062root 11241100x800000000000000080374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55cfcee6f9a9a8fd2021-12-17 11:28:01.062root 11241100x800000000000000080375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f6d1090ce11a9d92021-12-17 11:28:01.062root 11241100x800000000000000080376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a89cade8bf824b72021-12-17 11:28:01.063root 11241100x800000000000000080377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.986f6c82c28fb6652021-12-17 11:28:01.063root 11241100x800000000000000080378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5338af1135e311d02021-12-17 11:28:01.063root 11241100x800000000000000080379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f4fe02391ad70d32021-12-17 11:28:01.063root 11241100x800000000000000080380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.454d0e4204c0b20b2021-12-17 11:28:01.063root 11241100x800000000000000080381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd3e959edd1ae7512021-12-17 11:28:01.063root 11241100x800000000000000080382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afd824828c5821942021-12-17 11:28:01.063root 11241100x800000000000000080383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28b870b5e1ed31342021-12-17 11:28:01.063root 11241100x800000000000000080384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0a276d074b35a732021-12-17 11:28:01.064root 11241100x800000000000000080385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38df54de31e37f962021-12-17 11:28:01.064root 11241100x800000000000000080386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2085a585d4cd96162021-12-17 11:28:01.064root 11241100x800000000000000080387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59e36558a7dd1a152021-12-17 11:28:01.064root 11241100x800000000000000080388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c639feb53e9471ba2021-12-17 11:28:01.064root 11241100x800000000000000080389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed0e550b929b96bc2021-12-17 11:28:01.064root 11241100x800000000000000080390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a60d38a0586184b42021-12-17 11:28:01.064root 11241100x800000000000000080391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8b09360b07d5c8a2021-12-17 11:28:01.064root 11241100x800000000000000080392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed7e5050f50e96a12021-12-17 11:28:01.064root 11241100x800000000000000080393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f9db182df91d18d2021-12-17 11:28:01.064root 11241100x800000000000000080394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.804e748e6e96fe482021-12-17 11:28:01.064root 11241100x800000000000000080395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dccf17d03ab68f62021-12-17 11:28:01.064root 11241100x800000000000000080396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2c8286f2a8156df2021-12-17 11:28:01.064root 11241100x800000000000000080397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63b6e12824e6d7a52021-12-17 11:28:01.064root 11241100x800000000000000080398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed672ec39d1730602021-12-17 11:28:01.064root 11241100x800000000000000080399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46edca4f14119b8f2021-12-17 11:28:01.064root 11241100x800000000000000080400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea00f4e560e0de682021-12-17 11:28:01.065root 11241100x800000000000000080401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b15142e7646cffe92021-12-17 11:28:01.065root 11241100x800000000000000080402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bea763552e8e16522021-12-17 11:28:01.065root 11241100x800000000000000080403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48458f96171f73582021-12-17 11:28:01.065root 11241100x800000000000000080404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b8595d89962a2ee2021-12-17 11:28:01.065root 11241100x800000000000000080405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.369656fa457074772021-12-17 11:28:01.065root 11241100x800000000000000080406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12a9324ba00968932021-12-17 11:28:01.065root 11241100x800000000000000080407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfd3e818f515dd022021-12-17 11:28:01.065root 11241100x800000000000000080408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfed04646107a8ad2021-12-17 11:28:01.065root 11241100x800000000000000080409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b47b81a838c0b9f72021-12-17 11:28:01.065root 11241100x800000000000000080410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9200425ccbd9b3f92021-12-17 11:28:01.065root 11241100x800000000000000080411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86f9d7539bee609a2021-12-17 11:28:01.065root 11241100x800000000000000080412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f1927c7c31e50a62021-12-17 11:28:01.066root 11241100x800000000000000080413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.124b2dde98c7b8252021-12-17 11:28:01.558root 11241100x800000000000000080414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e08377a2d7995fe32021-12-17 11:28:01.558root 11241100x800000000000000080415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bd1b6d5d63344d82021-12-17 11:28:01.559root 11241100x800000000000000080416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb247a6bb9eeba592021-12-17 11:28:01.559root 11241100x800000000000000080417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7a33dbe2cf1e0792021-12-17 11:28:01.559root 11241100x800000000000000080418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.727405719c0ddf772021-12-17 11:28:01.559root 11241100x800000000000000080419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c16eb4e3ed494bcd2021-12-17 11:28:01.559root 11241100x800000000000000080420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15bc43194835bb372021-12-17 11:28:01.559root 11241100x800000000000000080421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2f70163662d25d62021-12-17 11:28:01.559root 11241100x800000000000000080422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3664d13011bea0bd2021-12-17 11:28:01.560root 11241100x800000000000000080423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9562b318f4579ea92021-12-17 11:28:01.560root 11241100x800000000000000080424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8029dc84a5f38932021-12-17 11:28:01.560root 11241100x800000000000000080425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afce570bb1b526ec2021-12-17 11:28:01.560root 11241100x800000000000000080426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be4e3a4bad5101942021-12-17 11:28:01.560root 11241100x800000000000000080427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.876259caa14c0c9f2021-12-17 11:28:01.560root 11241100x800000000000000080428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a24d956b29d223cf2021-12-17 11:28:01.561root 11241100x800000000000000080429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66c13f858dd9e0722021-12-17 11:28:01.561root 11241100x800000000000000080430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.438f9ecaa339d4172021-12-17 11:28:01.561root 11241100x800000000000000080431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17dbb5753969a6722021-12-17 11:28:01.561root 11241100x800000000000000080432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b802945cbb969f332021-12-17 11:28:01.561root 11241100x800000000000000080433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67b08c0fb1044ba12021-12-17 11:28:01.561root 11241100x800000000000000080434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f577e3e45d81c6592021-12-17 11:28:01.561root 11241100x800000000000000080435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e01d85a5998215fe2021-12-17 11:28:01.561root 11241100x800000000000000080436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80bdb467dd9d0b212021-12-17 11:28:01.561root 11241100x800000000000000080437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44bf32c6205306532021-12-17 11:28:01.561root 11241100x800000000000000080438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.219975787b8896952021-12-17 11:28:01.561root 11241100x800000000000000080439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5fa82d74f998dee2021-12-17 11:28:01.562root 11241100x800000000000000080440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc563eedce368a9f2021-12-17 11:28:01.562root 11241100x800000000000000080441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ae8a1e976ea1fea2021-12-17 11:28:01.562root 11241100x800000000000000080442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccf61fc4b37856352021-12-17 11:28:01.562root 11241100x800000000000000080443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbec122302f9dc0c2021-12-17 11:28:01.562root 11241100x800000000000000080444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc7f0dd909bf6a242021-12-17 11:28:01.562root 11241100x800000000000000080445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0681badfc510e5102021-12-17 11:28:01.563root 11241100x800000000000000080446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27d2756598cc0fa52021-12-17 11:28:01.563root 11241100x800000000000000080447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.067fbe15f79aff272021-12-17 11:28:01.563root 11241100x800000000000000080448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46e89cadad046d7c2021-12-17 11:28:01.563root 11241100x800000000000000080449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff21b512460c75872021-12-17 11:28:01.563root 11241100x800000000000000080450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.514c8f7a177a31d82021-12-17 11:28:01.563root 11241100x800000000000000080451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.465981a6db5bdd9e2021-12-17 11:28:01.564root 11241100x800000000000000080452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d745fb2bdcd6183e2021-12-17 11:28:01.564root 11241100x800000000000000080453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df205e5dd99094432021-12-17 11:28:01.564root 11241100x800000000000000080454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90ca9cea630519cf2021-12-17 11:28:01.564root 11241100x800000000000000080455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0dde54da7a4b8b12021-12-17 11:28:01.564root 11241100x800000000000000080456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.135ac3222965c4742021-12-17 11:28:01.564root 11241100x800000000000000080457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f86226e1c84113b2021-12-17 11:28:01.564root 11241100x800000000000000080458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76813f8ffb8f04d52021-12-17 11:28:01.564root 11241100x800000000000000080459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2b310952ec9cce12021-12-17 11:28:01.565root 11241100x800000000000000080460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4884fabd37155ef22021-12-17 11:28:01.565root 11241100x800000000000000080461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7efeeab467aced942021-12-17 11:28:02.056root 11241100x800000000000000080462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a69809f049f95a702021-12-17 11:28:02.057root 11241100x800000000000000080463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8024f12cb734eda2021-12-17 11:28:02.057root 11241100x800000000000000080464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eccbf0dc99574d602021-12-17 11:28:02.058root 11241100x800000000000000080465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.906ea2852bcf20c62021-12-17 11:28:02.058root 11241100x800000000000000080466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2671f209a2f72a82021-12-17 11:28:02.059root 11241100x800000000000000080467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a846e9cff527d5e2021-12-17 11:28:02.059root 11241100x800000000000000080468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.853aa4a0f433bcf82021-12-17 11:28:02.059root 11241100x800000000000000080469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc9e8c81c92e0b452021-12-17 11:28:02.059root 11241100x800000000000000080470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c190d2cc078e238f2021-12-17 11:28:02.059root 11241100x800000000000000080471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa9aea48bf40db2a2021-12-17 11:28:02.059root 11241100x800000000000000080472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.755335e32d0879d42021-12-17 11:28:02.060root 11241100x800000000000000080473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11fa0ba06f55129c2021-12-17 11:28:02.060root 11241100x800000000000000080474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b69903140dd066e82021-12-17 11:28:02.060root 11241100x800000000000000080475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d01b0c3fe4fb68cc2021-12-17 11:28:02.060root 11241100x800000000000000080476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd1948c2abf8ca322021-12-17 11:28:02.060root 11241100x800000000000000080477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9279ce73861500b62021-12-17 11:28:02.060root 11241100x800000000000000080478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaa5273a9e5700222021-12-17 11:28:02.060root 11241100x800000000000000080479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37f7187a6a9fcb912021-12-17 11:28:02.060root 11241100x800000000000000080480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.babd28096aca9a102021-12-17 11:28:02.060root 11241100x800000000000000080481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a545b1bf32637d92021-12-17 11:28:02.060root 11241100x800000000000000080482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fefcbe8cae8d516f2021-12-17 11:28:02.060root 11241100x800000000000000080483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab5d11baf63e7b382021-12-17 11:28:02.061root 11241100x800000000000000080484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6056740e7d14612e2021-12-17 11:28:02.061root 11241100x800000000000000080485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be021d020708a3eb2021-12-17 11:28:02.061root 11241100x800000000000000080486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b90282cae6fec782021-12-17 11:28:02.061root 11241100x800000000000000080487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a011f1052f2bbdb2021-12-17 11:28:02.061root 11241100x800000000000000080488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90f0de604d2ffac42021-12-17 11:28:02.061root 11241100x800000000000000080489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23081ae8d044efdf2021-12-17 11:28:02.061root 11241100x800000000000000080490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6af7300067cfd8002021-12-17 11:28:02.061root 11241100x800000000000000080491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.724575cc65d40a682021-12-17 11:28:02.061root 11241100x800000000000000080492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97d1c079d17601092021-12-17 11:28:02.061root 11241100x800000000000000080493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc75e97efa41f6f32021-12-17 11:28:02.062root 11241100x800000000000000080494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02d05a019d894ce62021-12-17 11:28:02.062root 11241100x800000000000000080495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c99bb08e9f985aa2021-12-17 11:28:02.062root 11241100x800000000000000080496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82d870e225bc0acc2021-12-17 11:28:02.062root 11241100x800000000000000080497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f72dc9e4ed2ff9442021-12-17 11:28:02.062root 11241100x800000000000000080498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5482b8e24dea958d2021-12-17 11:28:02.063root 11241100x800000000000000080499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52282200261195452021-12-17 11:28:02.063root 11241100x800000000000000080500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b42b985e1e5248392021-12-17 11:28:02.063root 11241100x800000000000000080501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3aecc670f552bfda2021-12-17 11:28:02.063root 11241100x800000000000000080502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cfc59d2969afb5e2021-12-17 11:28:02.063root 11241100x800000000000000080503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5654422513f568702021-12-17 11:28:02.063root 11241100x800000000000000080504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0983a121e1c89c572021-12-17 11:28:02.064root 11241100x800000000000000080505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0db0a661852ef6802021-12-17 11:28:02.064root 11241100x800000000000000080506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.649bc0525614f5202021-12-17 11:28:02.064root 11241100x800000000000000080507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aec2f5c5965b60b2021-12-17 11:28:02.064root 11241100x800000000000000080508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.554ee0b99785729c2021-12-17 11:28:02.064root 11241100x800000000000000080509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f3f4d52175b5b032021-12-17 11:28:02.064root 11241100x800000000000000080510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08d28462b667bd262021-12-17 11:28:02.064root 11241100x800000000000000080511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab71c2bc34fc6aa92021-12-17 11:28:02.064root 11241100x800000000000000080512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56ec51c741eca5fc2021-12-17 11:28:02.064root 11241100x800000000000000080513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fcb4cab6ea00d782021-12-17 11:28:02.558root 11241100x800000000000000080514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0ca9f4a2cc4a0862021-12-17 11:28:02.558root 11241100x800000000000000080515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53914eca54f696d82021-12-17 11:28:02.558root 11241100x800000000000000080516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ecb1870d7f949432021-12-17 11:28:02.558root 11241100x800000000000000080517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea48f203ba2f61fa2021-12-17 11:28:02.559root 11241100x800000000000000080518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe19f7b33cf7a77e2021-12-17 11:28:02.559root 11241100x800000000000000080519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8df3300e609e524c2021-12-17 11:28:02.559root 11241100x800000000000000080520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcd91a10629802fe2021-12-17 11:28:02.559root 11241100x800000000000000080521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edf2a7f7625b42282021-12-17 11:28:02.559root 11241100x800000000000000080522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeeac62343973ff52021-12-17 11:28:02.559root 11241100x800000000000000080523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8eccb39861e45542021-12-17 11:28:02.559root 11241100x800000000000000080524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7703a135f21c64f82021-12-17 11:28:02.559root 11241100x800000000000000080525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7193b7a971bd9d112021-12-17 11:28:02.560root 11241100x800000000000000080526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8961604e43eba8002021-12-17 11:28:02.560root 11241100x800000000000000080527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.835ff416517199172021-12-17 11:28:02.560root 11241100x800000000000000080528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af46272c3decfb4b2021-12-17 11:28:02.560root 11241100x800000000000000080529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81a038360131e5612021-12-17 11:28:02.560root 11241100x800000000000000080530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82a80771689529272021-12-17 11:28:02.560root 11241100x800000000000000080531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2552407f525a66a2021-12-17 11:28:02.560root 11241100x800000000000000080532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b07673fb05901ee2021-12-17 11:28:02.560root 11241100x800000000000000080533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcb00eb8729cf5352021-12-17 11:28:02.560root 11241100x800000000000000080534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47754f5579a234d12021-12-17 11:28:02.560root 11241100x800000000000000080535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fccce2b0441a8942021-12-17 11:28:02.560root 11241100x800000000000000080536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1386758353a189732021-12-17 11:28:02.561root 11241100x800000000000000080537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec5e0bac2db231e42021-12-17 11:28:02.561root 11241100x800000000000000080538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a361753bc0cc22922021-12-17 11:28:02.561root 11241100x800000000000000080539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66760c96e9785ecf2021-12-17 11:28:02.561root 11241100x800000000000000080540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5ac6944e8bd05482021-12-17 11:28:02.561root 11241100x800000000000000080541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e176ae5d0bdff3ad2021-12-17 11:28:02.561root 11241100x800000000000000080542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8705e5c2a99368272021-12-17 11:28:02.561root 11241100x800000000000000080543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c13f04b026591c72021-12-17 11:28:02.561root 11241100x800000000000000080544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3057bdcc0a0843d82021-12-17 11:28:02.561root 11241100x800000000000000080545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.679ef65264a30d332021-12-17 11:28:02.561root 11241100x800000000000000080546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4dc393b3008406502021-12-17 11:28:02.562root 11241100x800000000000000080547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a895740575d259082021-12-17 11:28:02.562root 11241100x800000000000000080548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72956781b657e72d2021-12-17 11:28:02.562root 11241100x800000000000000080549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee5471b39b76bffa2021-12-17 11:28:02.562root 11241100x800000000000000080550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fffdabd2a25f07682021-12-17 11:28:02.562root 11241100x800000000000000080551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae8d5d9cf6ddb16a2021-12-17 11:28:02.562root 11241100x800000000000000080552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd384061d457465f2021-12-17 11:28:02.562root 11241100x800000000000000080553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d05d4f7a98653c162021-12-17 11:28:02.562root 11241100x800000000000000080554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6ca335871ebf52b2021-12-17 11:28:02.562root 11241100x800000000000000080555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10e4fb979cc569332021-12-17 11:28:02.562root 11241100x800000000000000080556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2ea737dae3267622021-12-17 11:28:02.562root 11241100x800000000000000080557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c44e69c4ea6258da2021-12-17 11:28:02.563root 11241100x800000000000000080558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7c785233f8264382021-12-17 11:28:02.563root 11241100x800000000000000080559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ae6c95aba7aaadb2021-12-17 11:28:02.563root 11241100x800000000000000080560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1b6479ecb01b1932021-12-17 11:28:02.563root 11241100x800000000000000080561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d8e6322cad8a7f12021-12-17 11:28:03.058root 11241100x800000000000000080562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3459838a0dc71d82021-12-17 11:28:03.058root 11241100x800000000000000080563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41d223d4151093ae2021-12-17 11:28:03.058root 11241100x800000000000000080564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f14fe43d1219ad6e2021-12-17 11:28:03.058root 11241100x800000000000000080565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5f551a33010fb3a2021-12-17 11:28:03.059root 11241100x800000000000000080566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaa22b1c7d5335d72021-12-17 11:28:03.059root 11241100x800000000000000080567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9056511b0096b3292021-12-17 11:28:03.059root 11241100x800000000000000080568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e40ace42ac7fbc152021-12-17 11:28:03.059root 11241100x800000000000000080569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65d15d54e45c4bd32021-12-17 11:28:03.059root 11241100x800000000000000080570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a7583b648894bcf2021-12-17 11:28:03.059root 11241100x800000000000000080571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d7aecafe07c81682021-12-17 11:28:03.059root 11241100x800000000000000080572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff22b9ae5b219f922021-12-17 11:28:03.059root 11241100x800000000000000080573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbc6cd128867a89f2021-12-17 11:28:03.059root 11241100x800000000000000080574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6ed860cff1a8de82021-12-17 11:28:03.059root 11241100x800000000000000080575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ecd3f8ef10a2cdc2021-12-17 11:28:03.059root 11241100x800000000000000080576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7674952820ebf4c82021-12-17 11:28:03.059root 11241100x800000000000000080577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e78b4a9eb9438842021-12-17 11:28:03.059root 11241100x800000000000000080578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea4442f5cdabb9292021-12-17 11:28:03.059root 11241100x800000000000000080579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.516c9809eef0d1dd2021-12-17 11:28:03.059root 11241100x800000000000000080580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4dece40ca2d8e7d02021-12-17 11:28:03.060root 11241100x800000000000000080581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec0b981f709eee292021-12-17 11:28:03.060root 11241100x800000000000000080582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dff79b3122b596742021-12-17 11:28:03.060root 11241100x800000000000000080583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a96d01e84c28e342021-12-17 11:28:03.060root 11241100x800000000000000080584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53594089f89208772021-12-17 11:28:03.060root 11241100x800000000000000080585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3eb4be91fc5e41d02021-12-17 11:28:03.060root 11241100x800000000000000080586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.943b89d483d386112021-12-17 11:28:03.060root 11241100x800000000000000080587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d3a6820d50cda592021-12-17 11:28:03.060root 11241100x800000000000000080588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35c5ce7b29d125c22021-12-17 11:28:03.060root 11241100x800000000000000080589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ac0387eca7510bc2021-12-17 11:28:03.060root 11241100x800000000000000080590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd72d8952c5bb0962021-12-17 11:28:03.060root 11241100x800000000000000080591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c34662830f70d352021-12-17 11:28:03.060root 11241100x800000000000000080592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25e877baefa5e1b52021-12-17 11:28:03.060root 11241100x800000000000000080593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ec69276f2b25dc22021-12-17 11:28:03.060root 11241100x800000000000000080594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60f64646766b1a452021-12-17 11:28:03.060root 11241100x800000000000000080595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9166e02141dc4542021-12-17 11:28:03.060root 11241100x800000000000000080596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e79093fd854562262021-12-17 11:28:03.061root 11241100x800000000000000080597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce76684c6d719dfb2021-12-17 11:28:03.061root 11241100x800000000000000080598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f07c350898f37b62021-12-17 11:28:03.061root 11241100x800000000000000080599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6842ff2d36413cc12021-12-17 11:28:03.061root 11241100x800000000000000080600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46ac0e1cc7dc66df2021-12-17 11:28:03.061root 11241100x800000000000000080601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d33a18c13a51b7f2021-12-17 11:28:03.061root 11241100x800000000000000080602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.162f6ecb6250fd592021-12-17 11:28:03.061root 11241100x800000000000000080603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20e15d03f8821c6a2021-12-17 11:28:03.061root 11241100x800000000000000080604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33942d70a76022d92021-12-17 11:28:03.061root 11241100x800000000000000080605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee48f72b4d760ef52021-12-17 11:28:03.061root 11241100x800000000000000080606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c06437319fa70522021-12-17 11:28:03.061root 11241100x800000000000000080607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6d6a401153ad0342021-12-17 11:28:03.061root 11241100x800000000000000080608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb09254c664875872021-12-17 11:28:03.061root 23542300x800000000000000080609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.190{ec28ba6a-709b-61bc-30d8-78dfe0550000}5175root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000080610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.223{ec28ba6a-70a3-61bc-5175-3a0400000000}5248/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-42960-false10.0.1.12-8000- 11241100x800000000000000080611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c8025885aab14fd2021-12-17 11:28:03.558root 11241100x800000000000000080612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73910d386a19dff82021-12-17 11:28:03.558root 11241100x800000000000000080613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c15a16b806331302021-12-17 11:28:03.559root 11241100x800000000000000080614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29a676f84f093bbc2021-12-17 11:28:03.559root 11241100x800000000000000080615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4192c67b13eca0022021-12-17 11:28:03.559root 11241100x800000000000000080616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b15d66f845b2e9f2021-12-17 11:28:03.559root 11241100x800000000000000080617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00c2158f853722bb2021-12-17 11:28:03.559root 11241100x800000000000000080618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.120a0e5002fa264c2021-12-17 11:28:03.559root 11241100x800000000000000080619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be988ac416695c312021-12-17 11:28:03.559root 11241100x800000000000000080620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf0c16cb363c44e52021-12-17 11:28:03.559root 11241100x800000000000000080621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3758f0465e9f3f982021-12-17 11:28:03.559root 11241100x800000000000000080622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35d7df5ab1f2ef152021-12-17 11:28:03.559root 11241100x800000000000000080623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2d51b8b0010fe392021-12-17 11:28:03.559root 11241100x800000000000000080624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df14bab0b73dc2762021-12-17 11:28:03.560root 11241100x800000000000000080625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c101cecee44415e2021-12-17 11:28:03.560root 11241100x800000000000000080626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f57af188d407352f2021-12-17 11:28:03.560root 11241100x800000000000000080627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34309fa93eea8a4a2021-12-17 11:28:03.560root 11241100x800000000000000080628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fe3f9912a14459d2021-12-17 11:28:03.560root 11241100x800000000000000080629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c29cb9ed990105682021-12-17 11:28:03.560root 11241100x800000000000000080630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef3a21e567ede2d42021-12-17 11:28:03.560root 11241100x800000000000000080631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.117c37c18a1c93182021-12-17 11:28:03.560root 11241100x800000000000000080632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ff305750feb50c32021-12-17 11:28:03.560root 11241100x800000000000000080633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.760e090d9ed5e9fc2021-12-17 11:28:03.560root 11241100x800000000000000080634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86a34e03bd9e47e32021-12-17 11:28:03.560root 11241100x800000000000000080635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51e282e29c3179bc2021-12-17 11:28:03.560root 11241100x800000000000000080636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5050ed304a4d673a2021-12-17 11:28:03.560root 11241100x800000000000000080637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c7360a73abbd36c2021-12-17 11:28:03.561root 11241100x800000000000000080638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f87b6791ee81aa42021-12-17 11:28:03.561root 11241100x800000000000000080639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a22cba426da54f42021-12-17 11:28:03.561root 11241100x800000000000000080640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c36c69132bf2065f2021-12-17 11:28:03.561root 11241100x800000000000000080641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.358811b6bf2854892021-12-17 11:28:03.561root 11241100x800000000000000080642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c10ff0b0e370216c2021-12-17 11:28:03.561root 11241100x800000000000000080643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8950276847543232021-12-17 11:28:03.561root 11241100x800000000000000080644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3317acbce098a9192021-12-17 11:28:03.561root 11241100x800000000000000080645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09666d3820009d392021-12-17 11:28:03.561root 11241100x800000000000000080646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2742facf251906922021-12-17 11:28:03.561root 11241100x800000000000000080647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6fc4072eebea5572021-12-17 11:28:03.561root 11241100x800000000000000080648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33dbe4f96ac6b9902021-12-17 11:28:03.561root 11241100x800000000000000080649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbe981b195b90f982021-12-17 11:28:03.561root 11241100x800000000000000080650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2a9e1a9667354822021-12-17 11:28:03.561root 11241100x800000000000000080651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a77d06cd4a28c9362021-12-17 11:28:03.562root 11241100x800000000000000080652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68ee45cbc25e9c842021-12-17 11:28:03.562root 11241100x800000000000000080653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43f3e6ae6f4080752021-12-17 11:28:03.562root 11241100x800000000000000080654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f81fd9b2d9c628ef2021-12-17 11:28:03.562root 11241100x800000000000000080655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ded8a25011b57ad42021-12-17 11:28:03.562root 11241100x800000000000000080656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06cf9eb9bc1064122021-12-17 11:28:03.562root 11241100x800000000000000080657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26b4a604ec561e122021-12-17 11:28:03.562root 11241100x800000000000000080658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54d0358a7adfafda2021-12-17 11:28:03.562root 11241100x800000000000000080659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.109d77666cf223112021-12-17 11:28:03.562root 11241100x800000000000000080660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7eb6a0db406cffd2021-12-17 11:28:03.562root 11241100x800000000000000080661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44fd9442309e27ca2021-12-17 11:28:04.057root 11241100x800000000000000080662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e17bb465d84b40512021-12-17 11:28:04.057root 11241100x800000000000000080663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.123909a9ca5262f72021-12-17 11:28:04.057root 11241100x800000000000000080664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6803842cc79699812021-12-17 11:28:04.057root 11241100x800000000000000080665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b4af192f15334172021-12-17 11:28:04.057root 11241100x800000000000000080666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e610de7862a5ffd82021-12-17 11:28:04.057root 11241100x800000000000000080667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7025741aedd74df62021-12-17 11:28:04.058root 11241100x800000000000000080668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82de57c8b056d3352021-12-17 11:28:04.058root 11241100x800000000000000080669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef72619d5fb683552021-12-17 11:28:04.058root 11241100x800000000000000080670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6b850a7ae72acf02021-12-17 11:28:04.058root 11241100x800000000000000080671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b63158cc270e48532021-12-17 11:28:04.058root 11241100x800000000000000080672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fef40929fd415f32021-12-17 11:28:04.058root 11241100x800000000000000080673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7689a87c632b4892021-12-17 11:28:04.058root 11241100x800000000000000080674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56e596708dbcd2942021-12-17 11:28:04.058root 11241100x800000000000000080675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63ea7638802c8ac92021-12-17 11:28:04.058root 11241100x800000000000000080676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05dd1130c7d4f2072021-12-17 11:28:04.059root 11241100x800000000000000080677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06273c68b3580f6e2021-12-17 11:28:04.059root 11241100x800000000000000080678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ffc8981e0e4692f2021-12-17 11:28:04.059root 11241100x800000000000000080679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de1ed0fd3d477d052021-12-17 11:28:04.060root 11241100x800000000000000080680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ebd53712a4a40fd2021-12-17 11:28:04.060root 11241100x800000000000000080681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c83d4d2d481768202021-12-17 11:28:04.060root 11241100x800000000000000080682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3007e8f8a23daf0b2021-12-17 11:28:04.060root 11241100x800000000000000080683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.900a1b18a7763b982021-12-17 11:28:04.060root 11241100x800000000000000080684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7afe3190f5f8d2282021-12-17 11:28:04.060root 11241100x800000000000000080685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b245874cc90903172021-12-17 11:28:04.060root 11241100x800000000000000080686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96f2162ea1d0d4e62021-12-17 11:28:04.061root 11241100x800000000000000080687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de01c851164c9b372021-12-17 11:28:04.061root 11241100x800000000000000080688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63905fb2fe992c702021-12-17 11:28:04.061root 11241100x800000000000000080689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0512462fc71f11de2021-12-17 11:28:04.061root 11241100x800000000000000080690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6a9444a265347fe2021-12-17 11:28:04.061root 11241100x800000000000000080691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f7cffe50603170e2021-12-17 11:28:04.062root 11241100x800000000000000080692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8d9067bac88d5ea2021-12-17 11:28:04.062root 11241100x800000000000000080693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57e28ff722eba3062021-12-17 11:28:04.062root 11241100x800000000000000080694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e40d041c942d8ed32021-12-17 11:28:04.062root 11241100x800000000000000080695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78751a0464dafe0d2021-12-17 11:28:04.062root 11241100x800000000000000080696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.870de844668f3f1d2021-12-17 11:28:04.062root 11241100x800000000000000080697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.981acb067a83c1d22021-12-17 11:28:04.063root 11241100x800000000000000080698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67009d531a7cb84f2021-12-17 11:28:04.063root 11241100x800000000000000080699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f5020aa868224ed2021-12-17 11:28:04.063root 11241100x800000000000000080700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3e397f758b909792021-12-17 11:28:04.064root 11241100x800000000000000080701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf56e48ef3d2474f2021-12-17 11:28:04.064root 11241100x800000000000000080702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.521f775582524b502021-12-17 11:28:04.064root 11241100x800000000000000080703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.932997778fb760092021-12-17 11:28:04.064root 11241100x800000000000000080704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5295476e348c7f0b2021-12-17 11:28:04.064root 11241100x800000000000000080705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b652715f661872f32021-12-17 11:28:04.064root 11241100x800000000000000080706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbe1c78f0a2daff22021-12-17 11:28:04.064root 11241100x800000000000000080707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.832c96183018d29c2021-12-17 11:28:04.064root 11241100x800000000000000080708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afbbde522364119c2021-12-17 11:28:04.065root 11241100x800000000000000080709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f789a3e2f2e42552021-12-17 11:28:04.065root 11241100x800000000000000080710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a7f6e4ab53a90aa2021-12-17 11:28:04.065root 11241100x800000000000000080711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.722b5dc19245938d2021-12-17 11:28:04.065root 11241100x800000000000000080712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d059924318b9c6de2021-12-17 11:28:04.065root 11241100x800000000000000080713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39f20b86aebf5bb42021-12-17 11:28:04.066root 11241100x800000000000000080714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.205748d5ada4a3c12021-12-17 11:28:04.067root 11241100x800000000000000080715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.587bdfc5dbb45c602021-12-17 11:28:04.067root 11241100x800000000000000080716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71eb0db154e68a4b2021-12-17 11:28:04.067root 11241100x800000000000000080717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80130346a280b6362021-12-17 11:28:04.067root 11241100x800000000000000080718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6dd7240261523082021-12-17 11:28:04.067root 11241100x800000000000000080719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88f4f95cb8efee972021-12-17 11:28:04.557root 11241100x800000000000000080720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05da00f194b9dfaa2021-12-17 11:28:04.557root 11241100x800000000000000080721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c3e8361645894862021-12-17 11:28:04.557root 11241100x800000000000000080722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df033226006b51042021-12-17 11:28:04.557root 11241100x800000000000000080723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba8b362566722f642021-12-17 11:28:04.558root 11241100x800000000000000080724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bc4f543a724feba2021-12-17 11:28:04.558root 11241100x800000000000000080725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34cb2366937477fb2021-12-17 11:28:04.558root 11241100x800000000000000080726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.176e091a56572bde2021-12-17 11:28:04.558root 11241100x800000000000000080727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.545c0c83e5ac75202021-12-17 11:28:04.558root 11241100x800000000000000080728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38dcf5e55fc60d7e2021-12-17 11:28:04.558root 11241100x800000000000000080729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5098334df21897d62021-12-17 11:28:04.559root 11241100x800000000000000080730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1afe1b7cc764dfd82021-12-17 11:28:04.559root 11241100x800000000000000080731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ff5b2510a38146a2021-12-17 11:28:04.559root 11241100x800000000000000080732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7de28ffb645ac2642021-12-17 11:28:04.559root 11241100x800000000000000080733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.094a9cbc2927bf532021-12-17 11:28:04.559root 11241100x800000000000000080734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d55f4d1fcf1ffa4d2021-12-17 11:28:04.559root 11241100x800000000000000080735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fa69c75b23dc2972021-12-17 11:28:04.559root 11241100x800000000000000080736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a483d04ee6b4238e2021-12-17 11:28:04.559root 11241100x800000000000000080737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62e1c9f773b332602021-12-17 11:28:04.559root 11241100x800000000000000080738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e6fb6b92df01c5c2021-12-17 11:28:04.559root 11241100x800000000000000080739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.131b8b0099effdf12021-12-17 11:28:04.560root 11241100x800000000000000080740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.316d525192f861552021-12-17 11:28:04.560root 11241100x800000000000000080741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb3ea5e194805e742021-12-17 11:28:04.560root 11241100x800000000000000080742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.184d477d2c97413c2021-12-17 11:28:04.560root 11241100x800000000000000080743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa4333cc1ba061f42021-12-17 11:28:04.560root 11241100x800000000000000080744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7beb4997303e50b52021-12-17 11:28:04.560root 11241100x800000000000000080745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e228a5e521afc8f72021-12-17 11:28:04.561root 11241100x800000000000000080746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a8e97acb32ba5542021-12-17 11:28:04.561root 11241100x800000000000000080747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f38cfb5be4ad99d2021-12-17 11:28:04.561root 11241100x800000000000000080748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d25a7f8691ac2242021-12-17 11:28:04.561root 11241100x800000000000000080749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.065befe843de0e302021-12-17 11:28:04.561root 11241100x800000000000000080750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c66bf8b1435bcfda2021-12-17 11:28:04.561root 11241100x800000000000000080751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7422da63cd439fd72021-12-17 11:28:04.561root 11241100x800000000000000080752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b7edb3db8519a112021-12-17 11:28:04.561root 11241100x800000000000000080753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea57ef305cac8c892021-12-17 11:28:04.561root 11241100x800000000000000080754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d4dc72c139185d22021-12-17 11:28:04.562root 11241100x800000000000000080755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d96d21cc93a496f2021-12-17 11:28:04.562root 11241100x800000000000000080756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d751c9b9cbf7268a2021-12-17 11:28:04.562root 11241100x800000000000000080757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c59cda2d01c3e9c72021-12-17 11:28:04.562root 11241100x800000000000000080758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bccf4f9a9f139c582021-12-17 11:28:04.562root 11241100x800000000000000080759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea249f5aaa4f7ca22021-12-17 11:28:04.562root 11241100x800000000000000080760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c6b779dc9924a3e2021-12-17 11:28:04.562root 11241100x800000000000000080761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c40c4d18c1ebba6f2021-12-17 11:28:04.562root 11241100x800000000000000080762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e7aa29b159855c32021-12-17 11:28:04.563root 11241100x800000000000000080763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9001186bbd146412021-12-17 11:28:04.563root 11241100x800000000000000080764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f6959a7fb37977d2021-12-17 11:28:04.563root 11241100x800000000000000080765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c6c55708dc684a92021-12-17 11:28:04.563root 11241100x800000000000000080766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f96f292d7ad129c2021-12-17 11:28:04.563root 11241100x800000000000000080767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb8876b861cbe0df2021-12-17 11:28:04.563root 11241100x800000000000000080768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.411bd0430a0294792021-12-17 11:28:04.563root 11241100x800000000000000080769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e34a2fe2f8f45a8d2021-12-17 11:28:04.563root 11241100x800000000000000080770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e11499f1cee0daf32021-12-17 11:28:04.563root 11241100x800000000000000080771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.014045101ecc12592021-12-17 11:28:04.563root 11241100x800000000000000080772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4f77c7f0e6ea0602021-12-17 11:28:05.057root 11241100x800000000000000080773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.215bc66d76e89e512021-12-17 11:28:05.057root 11241100x800000000000000080774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e994dfdb8f9ae7a82021-12-17 11:28:05.057root 11241100x800000000000000080775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6b23e1fee03ff322021-12-17 11:28:05.057root 11241100x800000000000000080776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dd1a8b44745c6932021-12-17 11:28:05.057root 11241100x800000000000000080777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d04238572049c56f2021-12-17 11:28:05.057root 11241100x800000000000000080778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02a862c0319d300b2021-12-17 11:28:05.057root 11241100x800000000000000080779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cb1c2e1e289bc212021-12-17 11:28:05.057root 11241100x800000000000000080780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a875a0fd9e6018db2021-12-17 11:28:05.058root 11241100x800000000000000080781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1cbf01dc1a09ae92021-12-17 11:28:05.058root 11241100x800000000000000080782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f928dab7c8270f292021-12-17 11:28:05.058root 11241100x800000000000000080783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10c5b3ff7b7bfa542021-12-17 11:28:05.058root 11241100x800000000000000080784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4813ee16294077f72021-12-17 11:28:05.058root 11241100x800000000000000080785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.115a6027887a837b2021-12-17 11:28:05.059root 11241100x800000000000000080786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46dea5eac3e8e4d02021-12-17 11:28:05.059root 11241100x800000000000000080787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a389cfb96ee0b7e52021-12-17 11:28:05.059root 11241100x800000000000000080788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a8b84470479ef302021-12-17 11:28:05.059root 11241100x800000000000000080789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cd0b7b1c62d94232021-12-17 11:28:05.059root 11241100x800000000000000080790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfd0f634f86331212021-12-17 11:28:05.059root 11241100x800000000000000080791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51c621a6eebcd4222021-12-17 11:28:05.059root 11241100x800000000000000080792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fc52140fb400a072021-12-17 11:28:05.059root 11241100x800000000000000080793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccde05e558fa83352021-12-17 11:28:05.060root 11241100x800000000000000080794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e50db559d0dbafc2021-12-17 11:28:05.060root 11241100x800000000000000080795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f88535f6dd71dc4c2021-12-17 11:28:05.060root 11241100x800000000000000080796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a1f06ff2a9a7e542021-12-17 11:28:05.060root 11241100x800000000000000080797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a851a053acf93ccc2021-12-17 11:28:05.061root 11241100x800000000000000080798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.888d09da357b4b182021-12-17 11:28:05.061root 11241100x800000000000000080799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f3e520faadb94e12021-12-17 11:28:05.061root 11241100x800000000000000080800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee68f69c78bc4e392021-12-17 11:28:05.061root 11241100x800000000000000080801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9981e59dfaa250872021-12-17 11:28:05.061root 11241100x800000000000000080802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b1f8d6788838c302021-12-17 11:28:05.061root 11241100x800000000000000080803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df96a28ce2cbdf212021-12-17 11:28:05.062root 11241100x800000000000000080804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b01c404af85df5f2021-12-17 11:28:05.062root 11241100x800000000000000080805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.761bb7363fd48d652021-12-17 11:28:05.063root 11241100x800000000000000080806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a146430e6563c92d2021-12-17 11:28:05.063root 11241100x800000000000000080807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb67a2d7d072eea82021-12-17 11:28:05.063root 11241100x800000000000000080808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3ebe7ac621bb1fd2021-12-17 11:28:05.063root 11241100x800000000000000080809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ed741b46d2f3f9c2021-12-17 11:28:05.063root 11241100x800000000000000080810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cbc0b0049d6738d2021-12-17 11:28:05.064root 11241100x800000000000000080811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1d11eff107aada32021-12-17 11:28:05.064root 11241100x800000000000000080812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e80a2de4263ff7b92021-12-17 11:28:05.064root 11241100x800000000000000080813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7e15a6242616ef02021-12-17 11:28:05.064root 11241100x800000000000000080814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fc6b5b63234019f2021-12-17 11:28:05.065root 11241100x800000000000000080815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7c75e34283c9d1b2021-12-17 11:28:05.065root 11241100x800000000000000080816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3c000f4602e91712021-12-17 11:28:05.065root 11241100x800000000000000080817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33344c7e13b0a9ab2021-12-17 11:28:05.065root 11241100x800000000000000080818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0135f7ba83ebfc82021-12-17 11:28:05.066root 11241100x800000000000000080819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63cfd699cce90b222021-12-17 11:28:05.066root 11241100x800000000000000080820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b765821b0828f992021-12-17 11:28:05.066root 11241100x800000000000000080821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43160ea634b87a5f2021-12-17 11:28:05.066root 11241100x800000000000000080822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04c0b4ef35af592a2021-12-17 11:28:05.066root 11241100x800000000000000080823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a52fafe8d605dd672021-12-17 11:28:05.067root 11241100x800000000000000080824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1c3afd16e5db6852021-12-17 11:28:05.067root 11241100x800000000000000080825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af6ebcc95d0049612021-12-17 11:28:05.067root 11241100x800000000000000080826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.075043e21a06d4852021-12-17 11:28:05.067root 11241100x800000000000000080827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.970182bf570692c92021-12-17 11:28:05.067root 11241100x800000000000000080828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c00583596aa2fbf2021-12-17 11:28:05.068root 11241100x800000000000000080829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.938f67a93807b96b2021-12-17 11:28:05.068root 11241100x800000000000000080830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9c063d9ec4ac4612021-12-17 11:28:05.068root 11241100x800000000000000080831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8703af85c163dad2021-12-17 11:28:05.068root 11241100x800000000000000080832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c11247aa2ed73bd2021-12-17 11:28:05.068root 11241100x800000000000000080833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcece03abe694b5b2021-12-17 11:28:05.069root 11241100x800000000000000080834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3762ba76ed47f892021-12-17 11:28:05.069root 11241100x800000000000000080835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9eccd7435acd5352021-12-17 11:28:05.069root 11241100x800000000000000080836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a49f121796d678f92021-12-17 11:28:05.069root 11241100x800000000000000080837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec52c23a4a558cf22021-12-17 11:28:05.069root 11241100x800000000000000080838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d53ce20afaafe6c22021-12-17 11:28:05.069root 11241100x800000000000000080839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de07f85250936ec32021-12-17 11:28:05.070root 11241100x800000000000000080840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.115966cf03ff549e2021-12-17 11:28:05.070root 11241100x800000000000000080841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f68c444cda45ca732021-12-17 11:28:05.070root 11241100x800000000000000080842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.883f94526f3dc7482021-12-17 11:28:05.070root 11241100x800000000000000080843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02d5ee6085a030fe2021-12-17 11:28:05.070root 11241100x800000000000000080844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44806340f7bee6552021-12-17 11:28:05.070root 11241100x800000000000000080845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf65e80b24a70e632021-12-17 11:28:05.070root 11241100x800000000000000080846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.becd75cb00cd058a2021-12-17 11:28:05.070root 11241100x800000000000000080847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79ffc25eb8de49f32021-12-17 11:28:05.070root 11241100x800000000000000080848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59768ce0d23a63db2021-12-17 11:28:05.070root 11241100x800000000000000080849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b06f347f9e7ffb12021-12-17 11:28:05.070root 11241100x800000000000000080850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9275d44428684ec32021-12-17 11:28:05.070root 11241100x800000000000000080851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.255d00cda66612df2021-12-17 11:28:05.071root 11241100x800000000000000080852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6ad34be8c4644172021-12-17 11:28:05.071root 11241100x800000000000000080853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3d2d30f2e7e90ae2021-12-17 11:28:05.071root 11241100x800000000000000080854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3b33e042fa5ba932021-12-17 11:28:05.071root 11241100x800000000000000080855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.212b2232b87ec9ff2021-12-17 11:28:05.071root 11241100x800000000000000080856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fd273a53ffcf3a32021-12-17 11:28:05.071root 11241100x800000000000000080857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c06c50441a0f10672021-12-17 11:28:05.071root 11241100x800000000000000080858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63d1319e1c54c7bc2021-12-17 11:28:05.071root 11241100x800000000000000080859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b5f94f99b4abd762021-12-17 11:28:05.071root 11241100x800000000000000080860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d302305f449128882021-12-17 11:28:05.071root 11241100x800000000000000080861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed431dca12f007cc2021-12-17 11:28:05.071root 11241100x800000000000000080862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28e688d447939f452021-12-17 11:28:05.071root 11241100x800000000000000080863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0b75a6781a6b0222021-12-17 11:28:05.071root 11241100x800000000000000080864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e441bddb1e6a43bd2021-12-17 11:28:05.071root 11241100x800000000000000080865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9368a7388bf385c92021-12-17 11:28:05.071root 11241100x800000000000000080866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8d9fbcf80518a662021-12-17 11:28:05.072root 11241100x800000000000000080867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f708d5b224c8d572021-12-17 11:28:05.072root 11241100x800000000000000080868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e19154047ad486c32021-12-17 11:28:05.072root 11241100x800000000000000080869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a4564800e7f43c02021-12-17 11:28:05.072root 11241100x800000000000000080870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf491ad0e61f60692021-12-17 11:28:05.072root 11241100x800000000000000080871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf7c4803fa3bd6312021-12-17 11:28:05.072root 11241100x800000000000000080872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11cd0416673f05cb2021-12-17 11:28:05.072root 11241100x800000000000000080873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be6b7926c363559d2021-12-17 11:28:05.072root 11241100x800000000000000080874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e421754c425b717e2021-12-17 11:28:05.072root 11241100x800000000000000080875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fe62043de740afa2021-12-17 11:28:05.072root 11241100x800000000000000080876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.547d2c753af9f4122021-12-17 11:28:05.072root 11241100x800000000000000080877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa3439ed804d25b72021-12-17 11:28:05.072root 11241100x800000000000000080878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ae91ae3ca3abc9c2021-12-17 11:28:05.073root 11241100x800000000000000080879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3def362e58890e492021-12-17 11:28:05.073root 11241100x800000000000000080880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f019a4a61fb08f722021-12-17 11:28:05.073root 11241100x800000000000000080881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9255fecd03f8a3d2021-12-17 11:28:05.557root 11241100x800000000000000080882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a625cd0783a1f002021-12-17 11:28:05.557root 11241100x800000000000000080883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e2821cb948a41b52021-12-17 11:28:05.557root 11241100x800000000000000080884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c56085765a35a8d2021-12-17 11:28:05.557root 11241100x800000000000000080885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.243a64fe2638c9382021-12-17 11:28:05.557root 11241100x800000000000000080886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.704ae9c04f8190882021-12-17 11:28:05.558root 11241100x800000000000000080887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c292078e18571c72021-12-17 11:28:05.558root 11241100x800000000000000080888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f9aff9912ce4a8a2021-12-17 11:28:05.558root 11241100x800000000000000080889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41f23c4e433e3f922021-12-17 11:28:05.558root 11241100x800000000000000080890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.499e8a0d96b5ab332021-12-17 11:28:05.558root 11241100x800000000000000080891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f73de1fa7bebdd432021-12-17 11:28:05.558root 11241100x800000000000000080892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82653bf5fd5f1f382021-12-17 11:28:05.558root 11241100x800000000000000080893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1986ffc8f344fb182021-12-17 11:28:05.558root 11241100x800000000000000080894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5eb67f84dd334cc2021-12-17 11:28:05.559root 11241100x800000000000000080895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78af9cd5113d9eac2021-12-17 11:28:05.559root 11241100x800000000000000080896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b81bada15eece5e82021-12-17 11:28:05.559root 11241100x800000000000000080897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bb5f38d05a3a94f2021-12-17 11:28:05.559root 11241100x800000000000000080898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8034bd37c6b2799b2021-12-17 11:28:05.559root 11241100x800000000000000080899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.062871ee1670414b2021-12-17 11:28:05.559root 11241100x800000000000000080900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41a39f301d0bc07e2021-12-17 11:28:05.559root 11241100x800000000000000080901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cef7d78f88910a572021-12-17 11:28:05.559root 11241100x800000000000000080902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93c7b27ec90fb1632021-12-17 11:28:05.560root 11241100x800000000000000080903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a79428ed60780a42021-12-17 11:28:05.561root 11241100x800000000000000080904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38b492b542c720252021-12-17 11:28:05.561root 11241100x800000000000000080905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbd1cda3af92f55f2021-12-17 11:28:05.561root 11241100x800000000000000080906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d421d1812bad67812021-12-17 11:28:05.562root 11241100x800000000000000080907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccd796a2e82e313c2021-12-17 11:28:05.562root 11241100x800000000000000080908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02818942cb7187232021-12-17 11:28:05.563root 11241100x800000000000000080909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f5a8c8e19e2a26f2021-12-17 11:28:05.563root 11241100x800000000000000080910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e498972816d73882021-12-17 11:28:05.564root 11241100x800000000000000080911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b5505b04f8da9ea2021-12-17 11:28:05.564root 11241100x800000000000000080912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3072ee02ab8b28fe2021-12-17 11:28:05.564root 11241100x800000000000000080913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca8022b61402f1ae2021-12-17 11:28:05.564root 11241100x800000000000000080914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eedad50b1d8bf3b02021-12-17 11:28:05.564root 11241100x800000000000000080915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0234e12b6c64aa42021-12-17 11:28:05.564root 11241100x800000000000000080916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a49026e8b79d9daa2021-12-17 11:28:05.564root 11241100x800000000000000080917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c70d4f78d0fe98862021-12-17 11:28:05.564root 11241100x800000000000000080918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f52d0ba65775ac92021-12-17 11:28:05.565root 11241100x800000000000000080919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1ad027c6410de102021-12-17 11:28:05.565root 11241100x800000000000000080920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0abb4fce3690ad592021-12-17 11:28:05.565root 11241100x800000000000000080921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a169ae90eb2b4b0b2021-12-17 11:28:05.565root 11241100x800000000000000080922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5d01a87210c8f052021-12-17 11:28:05.565root 11241100x800000000000000080923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d078e634ed5cbbc2021-12-17 11:28:05.565root 11241100x800000000000000080924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4ae12dbeda42ad02021-12-17 11:28:05.565root 11241100x800000000000000080925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc6d07b36b316dab2021-12-17 11:28:05.566root 11241100x800000000000000080926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6742123c802c68f02021-12-17 11:28:05.566root 11241100x800000000000000080927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.178a4211b53947ab2021-12-17 11:28:05.566root 11241100x800000000000000080928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1c7bd383c94d6372021-12-17 11:28:05.567root 11241100x800000000000000080929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.472d8e621f2e03ff2021-12-17 11:28:05.567root 11241100x800000000000000080930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47f015b2511483402021-12-17 11:28:05.567root 11241100x800000000000000080931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14adb12c2ba2cd4a2021-12-17 11:28:05.567root 11241100x800000000000000080932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.096d1a9ef923b4c02021-12-17 11:28:05.567root 11241100x800000000000000080933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51e470b6611d08c12021-12-17 11:28:05.567root 11241100x800000000000000080934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e76651b40fe7322021-12-17 11:28:05.569root 11241100x800000000000000080935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ac2ee4e2e40e3582021-12-17 11:28:05.569root 11241100x800000000000000080936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3afbef696bda39b52021-12-17 11:28:06.057root 11241100x800000000000000080937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66034d606aa10fe02021-12-17 11:28:06.057root 11241100x800000000000000080938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0cdd3b87b1c177c2021-12-17 11:28:06.057root 11241100x800000000000000080939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5319ed96d2e10b112021-12-17 11:28:06.057root 11241100x800000000000000080940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c212f69f201d6a452021-12-17 11:28:06.058root 11241100x800000000000000080941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78faa1144dc2c85a2021-12-17 11:28:06.058root 11241100x800000000000000080942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cccae581c4f76e772021-12-17 11:28:06.058root 11241100x800000000000000080943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7eb2d543185f59c52021-12-17 11:28:06.058root 11241100x800000000000000080944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c2466a4d3d862ba2021-12-17 11:28:06.058root 11241100x800000000000000080945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3bade991229ed322021-12-17 11:28:06.059root 11241100x800000000000000080946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96b3bf5b573240382021-12-17 11:28:06.059root 11241100x800000000000000080947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.399c9304dfb1dca72021-12-17 11:28:06.059root 11241100x800000000000000080948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22a25439115dd53a2021-12-17 11:28:06.059root 11241100x800000000000000080949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24704758234a99a82021-12-17 11:28:06.059root 11241100x800000000000000080950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8e5865cffd6e7932021-12-17 11:28:06.059root 11241100x800000000000000080951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19703b0781fddd322021-12-17 11:28:06.060root 11241100x800000000000000080952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9a850d4b2fd74d12021-12-17 11:28:06.060root 11241100x800000000000000080953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95e66d330f04afd32021-12-17 11:28:06.060root 11241100x800000000000000080954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46ebac6818edab592021-12-17 11:28:06.060root 11241100x800000000000000080955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dce9a1820755e822021-12-17 11:28:06.060root 11241100x800000000000000080956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e03ab7d61001f9f52021-12-17 11:28:06.061root 11241100x800000000000000080957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd07fbdc0bb9d5e22021-12-17 11:28:06.061root 11241100x800000000000000080958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c9e7ca2884a6b1f2021-12-17 11:28:06.061root 11241100x800000000000000080959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1ae2052b07d93102021-12-17 11:28:06.061root 11241100x800000000000000080960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ceb03cc1849d26242021-12-17 11:28:06.062root 11241100x800000000000000080961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c924822ba6df6c1f2021-12-17 11:28:06.062root 11241100x800000000000000080962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a5727ec200c60f32021-12-17 11:28:06.062root 11241100x800000000000000080963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3dc4e443bb9bb802021-12-17 11:28:06.063root 11241100x800000000000000080964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ebcc2b4d7dc40112021-12-17 11:28:06.063root 11241100x800000000000000080965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6af0cbd2d38020dc2021-12-17 11:28:06.063root 11241100x800000000000000080966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9e9006f45d3a1f62021-12-17 11:28:06.063root 11241100x800000000000000080967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31ecd590a455340f2021-12-17 11:28:06.063root 11241100x800000000000000080968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1921b64da1e36e6d2021-12-17 11:28:06.064root 11241100x800000000000000080969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a7aae16389f0ad82021-12-17 11:28:06.064root 11241100x800000000000000080970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.411159c4494e70ac2021-12-17 11:28:06.064root 11241100x800000000000000080971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05ca2f80c35ffb112021-12-17 11:28:06.064root 11241100x800000000000000080972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae97d51ba4301b9b2021-12-17 11:28:06.064root 11241100x800000000000000080973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.554e10cefe2039c42021-12-17 11:28:06.065root 11241100x800000000000000080974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a1178e070b397c82021-12-17 11:28:06.065root 11241100x800000000000000080975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7af88c1bc6de36822021-12-17 11:28:06.065root 11241100x800000000000000080976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e29f8346a5e578582021-12-17 11:28:06.065root 11241100x800000000000000080977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af0e0cf88af2c25a2021-12-17 11:28:06.065root 11241100x800000000000000080978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c7e5035221f811e2021-12-17 11:28:06.065root 11241100x800000000000000080979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5d8b1fb28aec9382021-12-17 11:28:06.065root 11241100x800000000000000080980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d8469c3aa5e9d4f2021-12-17 11:28:06.065root 11241100x800000000000000080981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0af1b94d1dd4782e2021-12-17 11:28:06.066root 11241100x800000000000000080982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bfb0cb5eaa1af3f2021-12-17 11:28:06.066root 11241100x800000000000000080983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fa84ad9977925482021-12-17 11:28:06.066root 11241100x800000000000000080984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afcb24f7766a208d2021-12-17 11:28:06.066root 11241100x800000000000000080985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68d4736a81dc3c3f2021-12-17 11:28:06.066root 11241100x800000000000000080986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cb438f17f8171bb2021-12-17 11:28:06.066root 11241100x800000000000000080987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55a7e0eeff1017be2021-12-17 11:28:06.066root 11241100x800000000000000080988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9cebfcdb63aacc02021-12-17 11:28:06.066root 11241100x800000000000000080989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae2613a4d145fb1b2021-12-17 11:28:06.067root 11241100x800000000000000080990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8153432d0cbe84d92021-12-17 11:28:06.067root 11241100x800000000000000080991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c757b8e2309991b32021-12-17 11:28:06.067root 11241100x800000000000000080992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5058e4b7379153402021-12-17 11:28:06.067root 11241100x800000000000000080993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aee03bc43b5e8ce02021-12-17 11:28:06.067root 11241100x800000000000000080994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca918b2a6f38e7722021-12-17 11:28:06.067root 11241100x800000000000000080995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.140efab5ba62fb632021-12-17 11:28:06.067root 11241100x800000000000000080996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35c60b7ce384a5f22021-12-17 11:28:06.067root 11241100x800000000000000080997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9462f18bdb3948822021-12-17 11:28:06.067root 11241100x800000000000000080998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.974e6fca3ec3b68c2021-12-17 11:28:06.068root 11241100x800000000000000080999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dbdcb7fd64860d62021-12-17 11:28:06.068root 11241100x800000000000000081000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de99f2765ae995c72021-12-17 11:28:06.068root 11241100x800000000000000081001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fc05e6982965a2b2021-12-17 11:28:06.068root 11241100x800000000000000081002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0daf9abd226900a72021-12-17 11:28:06.068root 11241100x800000000000000081003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.190b10a8d1eafe552021-12-17 11:28:06.068root 11241100x800000000000000081004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e9407e1d13e52ae2021-12-17 11:28:06.068root 11241100x800000000000000081005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adf78cbc3a87f8d82021-12-17 11:28:06.068root 11241100x800000000000000081006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0e28212008e06302021-12-17 11:28:06.069root 11241100x800000000000000081007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5805bd84ede58de2021-12-17 11:28:06.069root 11241100x800000000000000081008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78fcc79a66ef7bed2021-12-17 11:28:06.069root 11241100x800000000000000081009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45d8f924dbadf4f82021-12-17 11:28:06.069root 11241100x800000000000000081010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cadae0797c28f1932021-12-17 11:28:06.069root 11241100x800000000000000081011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e554a2077d279ec2021-12-17 11:28:06.069root 11241100x800000000000000081012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19e0de5202f4bd082021-12-17 11:28:06.069root 11241100x800000000000000081013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7348f84f151ed7cd2021-12-17 11:28:06.069root 11241100x800000000000000081014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe6c6e70419d71582021-12-17 11:28:06.070root 11241100x800000000000000081015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.623881356d1fd8be2021-12-17 11:28:06.070root 11241100x800000000000000081016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf8f5eb96b95275c2021-12-17 11:28:06.070root 11241100x800000000000000081017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37b1af0aa12722e62021-12-17 11:28:06.070root 11241100x800000000000000081018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72cb3508f7e718c12021-12-17 11:28:06.070root 11241100x800000000000000081019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd96b944b1ca7fb92021-12-17 11:28:06.558root 11241100x800000000000000081020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad06e11797c3f48a2021-12-17 11:28:06.558root 11241100x800000000000000081021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1127342abcff22832021-12-17 11:28:06.558root 11241100x800000000000000081022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.539eaee2c63e6a602021-12-17 11:28:06.558root 11241100x800000000000000081023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.470da42167a712012021-12-17 11:28:06.559root 11241100x800000000000000081024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d053503e37901f62021-12-17 11:28:06.559root 11241100x800000000000000081025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1476d4537b571d22021-12-17 11:28:06.559root 11241100x800000000000000081026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2181590fd25147032021-12-17 11:28:06.559root 11241100x800000000000000081027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d749a053ce03cc32021-12-17 11:28:06.559root 11241100x800000000000000081028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d6513b178f240682021-12-17 11:28:06.559root 11241100x800000000000000081029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.025ea65e981ef67e2021-12-17 11:28:06.559root 11241100x800000000000000081030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b9b082f7f196e232021-12-17 11:28:06.559root 11241100x800000000000000081031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70bfd67ce8d0f5772021-12-17 11:28:06.560root 11241100x800000000000000081032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a265ee21bb4ce4a2021-12-17 11:28:06.560root 11241100x800000000000000081033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da06c2004a2930902021-12-17 11:28:06.560root 11241100x800000000000000081034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86301ac8d493bc742021-12-17 11:28:06.560root 11241100x800000000000000081035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2839f4dbc7c779902021-12-17 11:28:06.560root 11241100x800000000000000081036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe665702d62fae4b2021-12-17 11:28:06.560root 11241100x800000000000000081037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15e1a7e8a7e0da012021-12-17 11:28:06.561root 11241100x800000000000000081038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b86513caba77f9632021-12-17 11:28:06.561root 11241100x800000000000000081039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.866a2e479bb5093f2021-12-17 11:28:06.561root 11241100x800000000000000081040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8876353dac2350312021-12-17 11:28:06.561root 11241100x800000000000000081041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e144bc13ef24db92021-12-17 11:28:06.561root 11241100x800000000000000081042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a3f2007673486e22021-12-17 11:28:06.561root 11241100x800000000000000081043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daa7fa1bebb6c5e52021-12-17 11:28:06.561root 11241100x800000000000000081044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2038396c84d5ea6f2021-12-17 11:28:06.561root 11241100x800000000000000081045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee24d54da992df7b2021-12-17 11:28:06.562root 11241100x800000000000000081046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8de598fbe86f4ae2021-12-17 11:28:06.562root 11241100x800000000000000081047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73387ebebc24f20f2021-12-17 11:28:06.562root 11241100x800000000000000081048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c25af7b0971864a62021-12-17 11:28:06.562root 11241100x800000000000000081049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c7dfeed77f94d072021-12-17 11:28:06.562root 11241100x800000000000000081050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fa56a73cfe49cc72021-12-17 11:28:06.562root 11241100x800000000000000081051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6175d4b120180c1b2021-12-17 11:28:06.562root 11241100x800000000000000081052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07f32439f841ffb42021-12-17 11:28:06.562root 11241100x800000000000000081053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8f435ab54aa00bd2021-12-17 11:28:06.563root 11241100x800000000000000081054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee3575c4daf274de2021-12-17 11:28:06.563root 11241100x800000000000000081055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.767e16ff5beaa45e2021-12-17 11:28:06.563root 11241100x800000000000000081056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e983323a1347bfc2021-12-17 11:28:06.563root 11241100x800000000000000081057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13e46d3f7bc40ba62021-12-17 11:28:06.563root 11241100x800000000000000081058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3a3e5ebdac691cd2021-12-17 11:28:06.563root 11241100x800000000000000081059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53577b0ddde6d36c2021-12-17 11:28:06.564root 11241100x800000000000000081060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3c580a0365dead72021-12-17 11:28:06.564root 11241100x800000000000000081061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a132eb0ab9eb92282021-12-17 11:28:06.564root 11241100x800000000000000081062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e4ebd2c11d9a91f2021-12-17 11:28:06.564root 11241100x800000000000000081063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21627fa3d4daa9ca2021-12-17 11:28:06.564root 11241100x800000000000000081064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bf5d67c60a128552021-12-17 11:28:06.564root 11241100x800000000000000081065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4638dd23c6f803842021-12-17 11:28:06.565root 11241100x800000000000000081066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68132d492a0aae802021-12-17 11:28:06.565root 11241100x800000000000000081067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae222486fbbf2d012021-12-17 11:28:06.565root 11241100x800000000000000081068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c31ff6cf55a125d52021-12-17 11:28:06.565root 11241100x800000000000000081069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d462243b2b08b952021-12-17 11:28:06.565root 11241100x800000000000000081070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e3a5463ade341362021-12-17 11:28:06.565root 11241100x800000000000000081071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25c39322c56a7c392021-12-17 11:28:06.565root 11241100x800000000000000081072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.514071b4ab78e3682021-12-17 11:28:06.566root 11241100x800000000000000081073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdf26c31091cf9362021-12-17 11:28:06.566root 11241100x800000000000000081074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5647a20fcbcbbe02021-12-17 11:28:06.566root 11241100x800000000000000081075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f90d302a761bbdc12021-12-17 11:28:06.566root 11241100x800000000000000081076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ec724c03024a8a52021-12-17 11:28:06.566root 11241100x800000000000000081077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37e1f9e3e0be49682021-12-17 11:28:06.566root 11241100x800000000000000081078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d3c5debd0d969dd2021-12-17 11:28:06.566root 11241100x800000000000000081079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20b868392ed772a42021-12-17 11:28:06.566root 11241100x800000000000000081080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7d4f4ab2854dd052021-12-17 11:28:06.566root 11241100x800000000000000081081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f32c6c2588ccbe5a2021-12-17 11:28:06.567root 11241100x800000000000000081082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef5f522cc1e80d4c2021-12-17 11:28:06.567root 11241100x800000000000000081083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fb8b4ad3b1a17f82021-12-17 11:28:06.567root 11241100x800000000000000081084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80be491d6b09ea812021-12-17 11:28:06.567root 11241100x800000000000000081085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0765f6821b3fb28f2021-12-17 11:28:06.567root 11241100x800000000000000081086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0231fa145720c6ac2021-12-17 11:28:06.567root 11241100x800000000000000081087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eae24c610281928e2021-12-17 11:28:06.567root 11241100x800000000000000081088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd8023207f201f4c2021-12-17 11:28:06.568root 11241100x800000000000000081089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae6d74b0eaa9d3802021-12-17 11:28:06.568root 11241100x800000000000000081090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79c5f26b0097ec532021-12-17 11:28:06.568root 11241100x800000000000000081091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7780d3abb2e58c882021-12-17 11:28:06.568root 11241100x800000000000000081092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0a1e6106864cc6b2021-12-17 11:28:06.568root 11241100x800000000000000081093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76baa351f0f1f8df2021-12-17 11:28:06.568root 11241100x800000000000000081094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21bb1fe117d023662021-12-17 11:28:06.569root 11241100x800000000000000081095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c1f49c326a47e842021-12-17 11:28:06.569root 11241100x800000000000000081096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af384585c84318ac2021-12-17 11:28:06.569root 11241100x800000000000000081097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c15c44759cf7ae132021-12-17 11:28:06.570root 11241100x800000000000000081098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77797cb5fe8e7bc62021-12-17 11:28:06.570root 11241100x800000000000000081099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90333781bd3c81352021-12-17 11:28:06.570root 11241100x800000000000000081100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bc161f5cacc809e2021-12-17 11:28:06.570root 11241100x800000000000000081101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9aec70013ce7bc32021-12-17 11:28:06.570root 11241100x800000000000000081102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae1196b6bfd6297e2021-12-17 11:28:06.570root 11241100x800000000000000081103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89ee9b05a4482eef2021-12-17 11:28:06.570root 11241100x800000000000000081104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e9a993171b06d1c2021-12-17 11:28:06.570root 11241100x800000000000000081105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4ec020bda4cf6c72021-12-17 11:28:06.571root 11241100x800000000000000081106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cb07ae29913994e2021-12-17 11:28:06.571root 11241100x800000000000000081107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f5b6d6228a762bc2021-12-17 11:28:06.571root 11241100x800000000000000081108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c76cd0037a086912021-12-17 11:28:06.571root 11241100x800000000000000081109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.649069078f9558af2021-12-17 11:28:06.571root 11241100x800000000000000081110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d01d1a785ae5a4f2021-12-17 11:28:06.571root 11241100x800000000000000081111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36f07b42a7a3836f2021-12-17 11:28:06.571root 11241100x800000000000000081112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a54188bfcbad2cf32021-12-17 11:28:06.571root 11241100x800000000000000081113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbb834a792b953ab2021-12-17 11:28:06.571root 11241100x800000000000000081114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85029c153dc353cc2021-12-17 11:28:06.571root 11241100x800000000000000081115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49dc03c9c83fb5192021-12-17 11:28:06.571root 11241100x800000000000000081116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.572{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5fdb251bd4ee3a02021-12-17 11:28:06.572root 11241100x800000000000000081117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21560cffbb7fc9f42021-12-17 11:28:07.058root 11241100x800000000000000081118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2644e0d2eadb2eb2021-12-17 11:28:07.058root 11241100x800000000000000081119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72c3eb008f7786632021-12-17 11:28:07.059root 11241100x800000000000000081120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca1a3b0cc1c239042021-12-17 11:28:07.059root 11241100x800000000000000081121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34b60cb0353eec9f2021-12-17 11:28:07.059root 11241100x800000000000000081122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.766da0214f3d13612021-12-17 11:28:07.059root 11241100x800000000000000081123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.410ae053b558677a2021-12-17 11:28:07.059root 11241100x800000000000000081124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5ad4ee002d1e9892021-12-17 11:28:07.059root 11241100x800000000000000081125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f75489839751012b2021-12-17 11:28:07.059root 11241100x800000000000000081126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbb79faff839d4b32021-12-17 11:28:07.059root 11241100x800000000000000081127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af6e160e29a9079b2021-12-17 11:28:07.059root 11241100x800000000000000081128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3368b59daaa81972021-12-17 11:28:07.059root 11241100x800000000000000081129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.000c32834dafa9b72021-12-17 11:28:07.060root 11241100x800000000000000081130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2df6db2ffb470d82021-12-17 11:28:07.060root 11241100x800000000000000081131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c218d506beaacca2021-12-17 11:28:07.060root 11241100x800000000000000081132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b959de4d9a0d67e2021-12-17 11:28:07.060root 11241100x800000000000000081133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56d607d75dd999de2021-12-17 11:28:07.060root 11241100x800000000000000081134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a690ae8b794b5262021-12-17 11:28:07.060root 11241100x800000000000000081135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba05c0f843bce6222021-12-17 11:28:07.060root 11241100x800000000000000081136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f93040aecbef7c12021-12-17 11:28:07.060root 11241100x800000000000000081137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4f65a366ac20f492021-12-17 11:28:07.060root 11241100x800000000000000081138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c97ae6a42a3fa132021-12-17 11:28:07.060root 11241100x800000000000000081139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4777ad813d8374f92021-12-17 11:28:07.060root 11241100x800000000000000081140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcbe9c5bf4ff5f6d2021-12-17 11:28:07.060root 11241100x800000000000000081141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.240c5039dfa4d21c2021-12-17 11:28:07.060root 11241100x800000000000000081142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cffca038f7e3e542021-12-17 11:28:07.060root 11241100x800000000000000081143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a934623127785362021-12-17 11:28:07.060root 11241100x800000000000000081144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3511f1c6af6500f92021-12-17 11:28:07.060root 11241100x800000000000000081145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b0a9623498a07792021-12-17 11:28:07.061root 11241100x800000000000000081146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee30083a392101062021-12-17 11:28:07.061root 11241100x800000000000000081147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5b3d5451551ba092021-12-17 11:28:07.061root 11241100x800000000000000081148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51494b45069fb6fc2021-12-17 11:28:07.061root 11241100x800000000000000081149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be500ce860c894152021-12-17 11:28:07.061root 11241100x800000000000000081150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.359bdb60da12d46a2021-12-17 11:28:07.061root 11241100x800000000000000081151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71a9a6439b8597702021-12-17 11:28:07.061root 11241100x800000000000000081152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78c976cf459808bf2021-12-17 11:28:07.061root 11241100x800000000000000081153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc51b89a353c30042021-12-17 11:28:07.061root 11241100x800000000000000081154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db7199ad6978cf622021-12-17 11:28:07.061root 11241100x800000000000000081155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e68cfd34cec085a2021-12-17 11:28:07.061root 11241100x800000000000000081156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3ebf1a7a7f373782021-12-17 11:28:07.061root 11241100x800000000000000081157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dcc341b29d48c412021-12-17 11:28:07.061root 11241100x800000000000000081158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3d263e028968cc52021-12-17 11:28:07.061root 11241100x800000000000000081159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e62c49917d6a0c5f2021-12-17 11:28:07.061root 11241100x800000000000000081160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd0e485d25b6033a2021-12-17 11:28:07.061root 11241100x800000000000000081161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.264932892638818d2021-12-17 11:28:07.062root 11241100x800000000000000081162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01217c5e9eb949ab2021-12-17 11:28:07.062root 11241100x800000000000000081163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb25991e75e329352021-12-17 11:28:07.062root 11241100x800000000000000081164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.109742e62b3f15552021-12-17 11:28:07.062root 11241100x800000000000000081165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3db4d1abeb3017542021-12-17 11:28:07.062root 11241100x800000000000000081166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ef8eb8b4c50e0232021-12-17 11:28:07.062root 11241100x800000000000000081167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54a521277f96bc822021-12-17 11:28:07.062root 11241100x800000000000000081168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dfd4050fc61e9eb2021-12-17 11:28:07.062root 11241100x800000000000000081169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e775ade117656f22021-12-17 11:28:07.062root 11241100x800000000000000081170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d264bf03ddbb6ced2021-12-17 11:28:07.556root 11241100x800000000000000081171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9443dab00b1b6e492021-12-17 11:28:07.557root 11241100x800000000000000081172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0826eb2544a32a8b2021-12-17 11:28:07.557root 11241100x800000000000000081173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efcf63d783895b852021-12-17 11:28:07.557root 11241100x800000000000000081174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d81a3b738725ebe2021-12-17 11:28:07.558root 11241100x800000000000000081175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c77aa9d9af9b7bd32021-12-17 11:28:07.558root 11241100x800000000000000081176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b54e69821a4d1fa02021-12-17 11:28:07.558root 11241100x800000000000000081177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b06594b792c47bbc2021-12-17 11:28:07.559root 11241100x800000000000000081178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.843f70753cbc04a82021-12-17 11:28:07.559root 11241100x800000000000000081179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.409fd23ef5f4a92d2021-12-17 11:28:07.559root 11241100x800000000000000081180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b0ee4a74fe6c6512021-12-17 11:28:07.559root 11241100x800000000000000081181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d95ea30742639862021-12-17 11:28:07.560root 11241100x800000000000000081182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e897e01c0be2db7c2021-12-17 11:28:07.560root 11241100x800000000000000081183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3f86630b72bdae42021-12-17 11:28:07.560root 11241100x800000000000000081184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46e8dd4072120da32021-12-17 11:28:07.560root 11241100x800000000000000081185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbd8d222c9ea3a0e2021-12-17 11:28:07.561root 11241100x800000000000000081186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26088946964c4f802021-12-17 11:28:07.561root 11241100x800000000000000081187