11241100x800000000000000080138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.675a2b69279d41882021-12-17 11:27:59.058root 11241100x800000000000000080139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.857aa551d50f05752021-12-17 11:27:59.058root 11241100x800000000000000080140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd6b45ef1c08ad632021-12-17 11:27:59.058root 11241100x800000000000000080141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1261790a09cba582021-12-17 11:27:59.058root 11241100x800000000000000080142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3ee20824568c8482021-12-17 11:27:59.058root 11241100x800000000000000080143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5795a178dd6a3812021-12-17 11:27:59.058root 11241100x800000000000000080144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01aba9940de5332b2021-12-17 11:27:59.059root 11241100x800000000000000080145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67fadb7fca1b57cb2021-12-17 11:27:59.059root 11241100x800000000000000080146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8acf1a823f8ac8d02021-12-17 11:27:59.059root 11241100x800000000000000080147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0129890c4b9c88552021-12-17 11:27:59.059root 11241100x800000000000000080148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b3e0364acf6716c2021-12-17 11:27:59.059root 11241100x800000000000000080149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27d3ed6550bbde9f2021-12-17 11:27:59.059root 11241100x800000000000000080150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.047750f9280473052021-12-17 11:27:59.059root 11241100x800000000000000080151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ada7adadfb6529c2021-12-17 11:27:59.059root 11241100x800000000000000080152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da093d91045e2bd02021-12-17 11:27:59.059root 11241100x800000000000000080153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fd208df5da9e08c2021-12-17 11:27:59.059root 11241100x800000000000000080154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52ebb794f87f47a92021-12-17 11:27:59.059root 11241100x800000000000000080155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d349a31741ba2db2021-12-17 11:27:59.059root 11241100x800000000000000080156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afa10dc9ebcb718d2021-12-17 11:27:59.059root 11241100x800000000000000080157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a3751fdc6a75a212021-12-17 11:27:59.059root 11241100x800000000000000080158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a609cebe2496fba2021-12-17 11:27:59.059root 11241100x800000000000000080159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.487ab73bded997dd2021-12-17 11:27:59.060root 11241100x800000000000000080160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dc223df62c603c02021-12-17 11:27:59.060root 11241100x800000000000000080161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50d55784aea8533c2021-12-17 11:27:59.060root 11241100x800000000000000080162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66246e25df1bcc222021-12-17 11:27:59.060root 11241100x800000000000000080163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ff9e99e4cb7f4e72021-12-17 11:27:59.060root 11241100x800000000000000080164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fb1248ffdbcf5c52021-12-17 11:27:59.060root 11241100x800000000000000080165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.614ba62ea076f5e22021-12-17 11:27:59.060root 11241100x800000000000000080166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4dd0184ff8c9c0792021-12-17 11:27:59.060root 11241100x800000000000000080167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa864884e4cfcb832021-12-17 11:27:59.060root 11241100x800000000000000080168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5539a8f453d11f512021-12-17 11:27:59.060root 11241100x800000000000000080169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32534d25419750cd2021-12-17 11:27:59.060root 11241100x800000000000000080170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6671d9e69fe404ef2021-12-17 11:27:59.060root 11241100x800000000000000080171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6be900ea89131e82021-12-17 11:27:59.060root 11241100x800000000000000080172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.719ed00d178d876c2021-12-17 11:27:59.060root 11241100x800000000000000080173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a111cd308de660c2021-12-17 11:27:59.061root 11241100x800000000000000080174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2639f4a167cd9cdc2021-12-17 11:27:59.061root 11241100x800000000000000080175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eab585944c5254f32021-12-17 11:27:59.061root 11241100x800000000000000080176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac2161cfc99466e02021-12-17 11:27:59.061root 11241100x800000000000000080177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.266a189a70e92bd52021-12-17 11:27:59.061root 11241100x800000000000000080178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc769346e3b259342021-12-17 11:27:59.061root 11241100x800000000000000080179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3c3d0fd9e2eb1892021-12-17 11:27:59.061root 11241100x800000000000000080180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6953ecb7bbbcb3bf2021-12-17 11:27:59.061root 11241100x800000000000000080181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc9d6d568c0781c62021-12-17 11:27:59.061root 11241100x800000000000000080182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94728dab5ee4c89b2021-12-17 11:27:59.061root 11241100x800000000000000080183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.890d55b996f91b302021-12-17 11:27:59.061root 11241100x800000000000000080184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bd9c50073f5e7882021-12-17 11:27:59.061root 11241100x800000000000000080185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe794253f5a75ee12021-12-17 11:27:59.558root 11241100x800000000000000080186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89a0754be07edf4f2021-12-17 11:27:59.558root 11241100x800000000000000080187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fae4347fd9e47e52021-12-17 11:27:59.558root 11241100x800000000000000080188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcc24f975ac043112021-12-17 11:27:59.558root 11241100x800000000000000080189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ced1c902902e2582021-12-17 11:27:59.558root 11241100x800000000000000080190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbbb3d1ee05cb9ef2021-12-17 11:27:59.559root 11241100x800000000000000080191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfb5e26fba1a7be82021-12-17 11:27:59.559root 11241100x800000000000000080192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f44dc45cea1cfa3a2021-12-17 11:27:59.559root 11241100x800000000000000080193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f81c3999c5af7dce2021-12-17 11:27:59.559root 11241100x800000000000000080194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.018b291f1411431c2021-12-17 11:27:59.559root 11241100x800000000000000080195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2330e09bd9ddb342021-12-17 11:27:59.559root 11241100x800000000000000080196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e398819f11f93b582021-12-17 11:27:59.559root 11241100x800000000000000080197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6d3ba2d6fff0b882021-12-17 11:27:59.559root 11241100x800000000000000080198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4fc73d1245e1ea42021-12-17 11:27:59.559root 11241100x800000000000000080199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e8e6f5f2a2178692021-12-17 11:27:59.559root 11241100x800000000000000080200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.028c4b7aa02b4e212021-12-17 11:27:59.559root 11241100x800000000000000080201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.753f34dba63b452d2021-12-17 11:27:59.559root 11241100x800000000000000080202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b3871ef869ba4372021-12-17 11:27:59.559root 11241100x800000000000000080203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4587a986638a4c142021-12-17 11:27:59.559root 11241100x800000000000000080204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5b57703730e150f2021-12-17 11:27:59.560root 11241100x800000000000000080205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.722e7625ce894af42021-12-17 11:27:59.560root 11241100x800000000000000080206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc60abeefeb549c02021-12-17 11:27:59.560root 11241100x800000000000000080207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a4acd2de80b69632021-12-17 11:27:59.560root 11241100x800000000000000080208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a299aa0b8a090ca42021-12-17 11:27:59.560root 11241100x800000000000000080209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34859df1b1cc14b12021-12-17 11:27:59.560root 11241100x800000000000000080210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9de24ac1c3977032021-12-17 11:27:59.560root 11241100x800000000000000080211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6452490712121f22021-12-17 11:27:59.560root 11241100x800000000000000080212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4ae5bed6fedac002021-12-17 11:27:59.560root 11241100x800000000000000080213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.823937d40c9ffb642021-12-17 11:27:59.560root 11241100x800000000000000080214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8357e4e3573538d92021-12-17 11:27:59.560root 11241100x800000000000000080215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.951279cfc080aaec2021-12-17 11:27:59.560root 11241100x800000000000000080216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57b09069cffc95292021-12-17 11:27:59.560root 11241100x800000000000000080217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4af5358658e6f4e82021-12-17 11:27:59.560root 11241100x800000000000000080218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d4db36c104f33492021-12-17 11:27:59.560root 11241100x800000000000000080219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84ff2482c4cc022e2021-12-17 11:27:59.561root 11241100x800000000000000080220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c942f232d1f0b762021-12-17 11:27:59.561root 11241100x800000000000000080221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b569916873d59df2021-12-17 11:27:59.561root 11241100x800000000000000080222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.589b6d9de9f363692021-12-17 11:27:59.561root 11241100x800000000000000080223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40379a2ef1a79c852021-12-17 11:27:59.561root 11241100x800000000000000080224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40c171bb80d5804a2021-12-17 11:27:59.561root 11241100x800000000000000080225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eee5d4fa05a5aacd2021-12-17 11:27:59.561root 11241100x800000000000000080226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.209ac2253076baaf2021-12-17 11:27:59.561root 11241100x800000000000000080227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.371aef5fde39049b2021-12-17 11:27:59.561root 11241100x800000000000000080228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4de8f8fb08d67fe42021-12-17 11:27:59.561root 11241100x800000000000000080229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f9563317754adb22021-12-17 11:27:59.561root 11241100x800000000000000080230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac3595105a2844682021-12-17 11:27:59.561root 11241100x800000000000000080231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:27:59.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f05f740cf1a945632021-12-17 11:27:59.561root 11241100x800000000000000080232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aec77713414a26aa2021-12-17 11:28:00.058root 11241100x800000000000000080233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65a73637d11903052021-12-17 11:28:00.058root 11241100x800000000000000080234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2a2a5eccef55a4a2021-12-17 11:28:00.058root 11241100x800000000000000080235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d1d044f7c39a4c12021-12-17 11:28:00.058root 11241100x800000000000000080236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dceb9630aeb38f12021-12-17 11:28:00.059root 11241100x800000000000000080237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.682f72df306589b02021-12-17 11:28:00.059root 11241100x800000000000000080238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc768bfb478126772021-12-17 11:28:00.059root 11241100x800000000000000080239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd23d0fb3f2c8a192021-12-17 11:28:00.059root 11241100x800000000000000080240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eaaec7822a4ffba2021-12-17 11:28:00.059root 11241100x800000000000000080241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbe990255c0221692021-12-17 11:28:00.059root 11241100x800000000000000080242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfa782fae5f196f82021-12-17 11:28:00.059root 11241100x800000000000000080243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5b36b0b872cd4672021-12-17 11:28:00.059root 11241100x800000000000000080244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e94ab83420739b02021-12-17 11:28:00.059root 11241100x800000000000000080245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be42ebefa87282672021-12-17 11:28:00.059root 11241100x800000000000000080246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2943b22c999ffd0a2021-12-17 11:28:00.059root 11241100x800000000000000080247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c0a8664e20d82e92021-12-17 11:28:00.059root 11241100x800000000000000080248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.130fb9d7a46348ba2021-12-17 11:28:00.059root 11241100x800000000000000080249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b83b3787849c9432021-12-17 11:28:00.059root 11241100x800000000000000080250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdab1259b51eb9072021-12-17 11:28:00.059root 11241100x800000000000000080251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72072ebc736a67372021-12-17 11:28:00.060root 11241100x800000000000000080252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffce7d640b8caf442021-12-17 11:28:00.060root 11241100x800000000000000080253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2ebce27f96529862021-12-17 11:28:00.060root 11241100x800000000000000080254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f868acf3eceaf3082021-12-17 11:28:00.060root 11241100x800000000000000080255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.292481c6463f34fc2021-12-17 11:28:00.060root 11241100x800000000000000080256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa34a73ae80d5cb82021-12-17 11:28:00.060root 11241100x800000000000000080257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f50f00b761b6dee22021-12-17 11:28:00.060root 11241100x800000000000000080258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8e09921e9c4072d2021-12-17 11:28:00.060root 11241100x800000000000000080259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a7721239a2a17b72021-12-17 11:28:00.060root 11241100x800000000000000080260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73ea30ca5af2fefa2021-12-17 11:28:00.060root 11241100x800000000000000080261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cd32c302c5ebdff2021-12-17 11:28:00.060root 11241100x800000000000000080262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3698a7c50858dc7b2021-12-17 11:28:00.060root 11241100x800000000000000080263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bea71d8330cf1a32021-12-17 11:28:00.060root 11241100x800000000000000080264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22851f37766e1e652021-12-17 11:28:00.060root 11241100x800000000000000080265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a41ac5135ebe72d2021-12-17 11:28:00.060root 11241100x800000000000000080266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fd97f10f13ebfcc2021-12-17 11:28:00.061root 11241100x800000000000000080267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8733a5367d35e1c92021-12-17 11:28:00.061root 11241100x800000000000000080268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be7cb29420f9c4472021-12-17 11:28:00.061root 11241100x800000000000000080269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f504ab8f0253f3522021-12-17 11:28:00.061root 11241100x800000000000000080270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3980d970862501b82021-12-17 11:28:00.061root 11241100x800000000000000080271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0df9cef74799ef1b2021-12-17 11:28:00.061root 11241100x800000000000000080272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f98be0dac78552f82021-12-17 11:28:00.061root 11241100x800000000000000080273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46c777466dd7a2762021-12-17 11:28:00.061root 11241100x800000000000000080274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dcc008683f432182021-12-17 11:28:00.061root 11241100x800000000000000080275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7943bb9488bf0cff2021-12-17 11:28:00.061root 11241100x800000000000000080276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50b6d457eb51125c2021-12-17 11:28:00.061root 11241100x800000000000000080277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6438f99326c6797f2021-12-17 11:28:00.062root 11241100x800000000000000080278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13f89aece6a4c7502021-12-17 11:28:00.062root 11241100x800000000000000080279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.187{ec28ba6a-709b-61bc-30d8-78dfe0550000}5175/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2021-12-17 11:28:00.187root 11241100x800000000000000080280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d659ee1e3d6e7e372021-12-17 11:28:00.558root 11241100x800000000000000080281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b199ba8e63226352021-12-17 11:28:00.558root 11241100x800000000000000080282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.083eb10b567cadd32021-12-17 11:28:00.559root 11241100x800000000000000080283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52abcf0a8facc4a42021-12-17 11:28:00.559root 11241100x800000000000000080284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03eb50ba8e8db50b2021-12-17 11:28:00.559root 11241100x800000000000000080285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78bd2463fd6706012021-12-17 11:28:00.559root 11241100x800000000000000080286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b60a4d12333c4972021-12-17 11:28:00.560root 11241100x800000000000000080287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9bdaae7ba7faaed2021-12-17 11:28:00.560root 11241100x800000000000000080288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61a51d69bd2e79832021-12-17 11:28:00.560root 11241100x800000000000000080289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cd637a02476c1f82021-12-17 11:28:00.560root 11241100x800000000000000080290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acfd4ae5153a73122021-12-17 11:28:00.560root 11241100x800000000000000080291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1683134f1ac2a9ce2021-12-17 11:28:00.560root 11241100x800000000000000080292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acdfbcdbc64795922021-12-17 11:28:00.560root 11241100x800000000000000080293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68c784657107ad842021-12-17 11:28:00.560root 11241100x800000000000000080294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cb436cad02373ea2021-12-17 11:28:00.560root 11241100x800000000000000080295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fafbd3c3d754c6752021-12-17 11:28:00.561root 11241100x800000000000000080296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ef49a0b746f1fc02021-12-17 11:28:00.561root 11241100x800000000000000080297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b68c82bdf93fdd572021-12-17 11:28:00.561root 11241100x800000000000000080298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53e85c546ab3fc4b2021-12-17 11:28:00.561root 11241100x800000000000000080299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00adcd932da1709e2021-12-17 11:28:00.561root 11241100x800000000000000080300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c41f11e5a9a684c82021-12-17 11:28:00.561root 11241100x800000000000000080301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a493ab59a81d3292021-12-17 11:28:00.561root 11241100x800000000000000080302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7f62d6b4aaca6bc2021-12-17 11:28:00.561root 11241100x800000000000000080303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e066be70579cf702021-12-17 11:28:00.561root 11241100x800000000000000080304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4698f7c0c1d699e72021-12-17 11:28:00.562root 11241100x800000000000000080305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b731d3370315e3102021-12-17 11:28:00.562root 11241100x800000000000000080306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8aebc4b3f1c7a4ce2021-12-17 11:28:00.562root 11241100x800000000000000080307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecafdf61500719832021-12-17 11:28:00.562root 11241100x800000000000000080308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e3a52567b8a145a2021-12-17 11:28:00.562root 11241100x800000000000000080309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.371bedab4fa8d28f2021-12-17 11:28:00.563root 11241100x800000000000000080310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28046d2e9804834d2021-12-17 11:28:00.563root 11241100x800000000000000080311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1bfc5796810daba2021-12-17 11:28:00.563root 11241100x800000000000000080312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdca75a04eceeea12021-12-17 11:28:00.563root 11241100x800000000000000080313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9126241394e6a5002021-12-17 11:28:00.563root 11241100x800000000000000080314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.151b19ed1fcf9ac92021-12-17 11:28:00.563root 11241100x800000000000000080315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aaea2660d67c5d892021-12-17 11:28:00.563root 11241100x800000000000000080316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75284e13474c21a62021-12-17 11:28:00.564root 11241100x800000000000000080317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ea8366470d522042021-12-17 11:28:00.564root 11241100x800000000000000080318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9e125351b9cb49b2021-12-17 11:28:00.564root 11241100x800000000000000080319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59a4bcd59116afc92021-12-17 11:28:00.564root 11241100x800000000000000080320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8f7350c9ac3cb472021-12-17 11:28:00.564root 11241100x800000000000000080321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95651c7def5a9f9a2021-12-17 11:28:00.564root 11241100x800000000000000080322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a68bdb3594b794f2021-12-17 11:28:00.564root 11241100x800000000000000080323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd642922979d8ea42021-12-17 11:28:00.565root 11241100x800000000000000080324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1db31c166ccec7aa2021-12-17 11:28:00.565root 11241100x800000000000000080325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a17fe6b4167b6c72021-12-17 11:28:00.565root 11241100x800000000000000080326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebe13eebe1bfc3d52021-12-17 11:28:00.565root 11241100x800000000000000080327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:00.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40af8bfe85996a132021-12-17 11:28:00.565root 11241100x800000000000000080328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a887a1c23e2cf6d2021-12-17 11:28:01.057root 11241100x800000000000000080329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c756d0bd25c4f6a2021-12-17 11:28:01.057root 11241100x800000000000000080330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f592cf28991fd9dd2021-12-17 11:28:01.057root 11241100x800000000000000080331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dba3d26def246952021-12-17 11:28:01.057root 11241100x800000000000000080332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4db28c7aa856f64f2021-12-17 11:28:01.057root 11241100x800000000000000080333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20ba7b168112b8f82021-12-17 11:28:01.057root 11241100x800000000000000080334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1604744e4263e3c2021-12-17 11:28:01.057root 11241100x800000000000000080335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e96009c8d7c5e4922021-12-17 11:28:01.057root 11241100x800000000000000080336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48f87b5e164faa872021-12-17 11:28:01.057root 11241100x800000000000000080337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7af523eff04f5e32021-12-17 11:28:01.058root 11241100x800000000000000080338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48c96e9209e653bc2021-12-17 11:28:01.058root 11241100x800000000000000080339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c21d9fdaf004a4fa2021-12-17 11:28:01.058root 11241100x800000000000000080340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aaa0c6f5e1f447922021-12-17 11:28:01.058root 11241100x800000000000000080341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7104b38b4bbd36e82021-12-17 11:28:01.058root 11241100x800000000000000080342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2ff1202c2ede4fe2021-12-17 11:28:01.058root 11241100x800000000000000080343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65bb8d25bb5eba362021-12-17 11:28:01.058root 11241100x800000000000000080344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f57288a5ecf9fcc2021-12-17 11:28:01.058root 11241100x800000000000000080345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9c4490110b4f2242021-12-17 11:28:01.058root 11241100x800000000000000080346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b947af80b34da2e52021-12-17 11:28:01.058root 11241100x800000000000000080347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0ce7d3f9f88fa7e2021-12-17 11:28:01.059root 11241100x800000000000000080348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b98d0cf6dcac1a72021-12-17 11:28:01.059root 11241100x800000000000000080349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f3cc0b520aa05ba2021-12-17 11:28:01.059root 11241100x800000000000000080350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15e4f67cddf74ec62021-12-17 11:28:01.059root 11241100x800000000000000080351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ef0fcb3a9832fbf2021-12-17 11:28:01.059root 11241100x800000000000000080352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b00f90a91f615152021-12-17 11:28:01.059root 11241100x800000000000000080353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac0c8ef9248aff8e2021-12-17 11:28:01.059root 11241100x800000000000000080354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e6b16c8794df73d2021-12-17 11:28:01.059root 11241100x800000000000000080355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd85ec0db7ed4bdc2021-12-17 11:28:01.059root 11241100x800000000000000080356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b954771dc6ef73a42021-12-17 11:28:01.060root 11241100x800000000000000080357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcf1e800793667402021-12-17 11:28:01.060root 11241100x800000000000000080358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47a9efc866ededfb2021-12-17 11:28:01.060root 11241100x800000000000000080359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.980923a0915a42192021-12-17 11:28:01.060root 11241100x800000000000000080360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfcb4478202215792021-12-17 11:28:01.060root 11241100x800000000000000080361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7853a6233a2d9d122021-12-17 11:28:01.060root 11241100x800000000000000080362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49d57e773dcfa7a22021-12-17 11:28:01.060root 11241100x800000000000000080363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76b50155b867d3ad2021-12-17 11:28:01.060root 11241100x800000000000000080364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3f6d080d8cf15eb2021-12-17 11:28:01.060root 11241100x800000000000000080365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b3d3fefd789b0722021-12-17 11:28:01.060root 11241100x800000000000000080366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3c585e92a911e482021-12-17 11:28:01.060root 11241100x800000000000000080367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f52910eabbd3710c2021-12-17 11:28:01.061root 11241100x800000000000000080368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79438e168d4baca72021-12-17 11:28:01.061root 11241100x800000000000000080369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c7603b4765b65d22021-12-17 11:28:01.061root 11241100x800000000000000080370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f36695e85c0dc2eb2021-12-17 11:28:01.061root 11241100x800000000000000080371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06425bfb178a08a92021-12-17 11:28:01.062root 11241100x800000000000000080372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d29560c973583bf92021-12-17 11:28:01.062root 11241100x800000000000000080373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a986fc26479f3dd2021-12-17 11:28:01.062root 11241100x800000000000000080374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55cfcee6f9a9a8fd2021-12-17 11:28:01.062root 11241100x800000000000000080375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f6d1090ce11a9d92021-12-17 11:28:01.062root 11241100x800000000000000080376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a89cade8bf824b72021-12-17 11:28:01.063root 11241100x800000000000000080377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.986f6c82c28fb6652021-12-17 11:28:01.063root 11241100x800000000000000080378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5338af1135e311d02021-12-17 11:28:01.063root 11241100x800000000000000080379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f4fe02391ad70d32021-12-17 11:28:01.063root 11241100x800000000000000080380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.454d0e4204c0b20b2021-12-17 11:28:01.063root 11241100x800000000000000080381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd3e959edd1ae7512021-12-17 11:28:01.063root 11241100x800000000000000080382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afd824828c5821942021-12-17 11:28:01.063root 11241100x800000000000000080383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28b870b5e1ed31342021-12-17 11:28:01.063root 11241100x800000000000000080384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0a276d074b35a732021-12-17 11:28:01.064root 11241100x800000000000000080385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38df54de31e37f962021-12-17 11:28:01.064root 11241100x800000000000000080386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2085a585d4cd96162021-12-17 11:28:01.064root 11241100x800000000000000080387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59e36558a7dd1a152021-12-17 11:28:01.064root 11241100x800000000000000080388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c639feb53e9471ba2021-12-17 11:28:01.064root 11241100x800000000000000080389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed0e550b929b96bc2021-12-17 11:28:01.064root 11241100x800000000000000080390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a60d38a0586184b42021-12-17 11:28:01.064root 11241100x800000000000000080391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8b09360b07d5c8a2021-12-17 11:28:01.064root 11241100x800000000000000080392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed7e5050f50e96a12021-12-17 11:28:01.064root 11241100x800000000000000080393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f9db182df91d18d2021-12-17 11:28:01.064root 11241100x800000000000000080394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.804e748e6e96fe482021-12-17 11:28:01.064root 11241100x800000000000000080395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dccf17d03ab68f62021-12-17 11:28:01.064root 11241100x800000000000000080396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2c8286f2a8156df2021-12-17 11:28:01.064root 11241100x800000000000000080397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63b6e12824e6d7a52021-12-17 11:28:01.064root 11241100x800000000000000080398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed672ec39d1730602021-12-17 11:28:01.064root 11241100x800000000000000080399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46edca4f14119b8f2021-12-17 11:28:01.064root 11241100x800000000000000080400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea00f4e560e0de682021-12-17 11:28:01.065root 11241100x800000000000000080401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b15142e7646cffe92021-12-17 11:28:01.065root 11241100x800000000000000080402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bea763552e8e16522021-12-17 11:28:01.065root 11241100x800000000000000080403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48458f96171f73582021-12-17 11:28:01.065root 11241100x800000000000000080404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b8595d89962a2ee2021-12-17 11:28:01.065root 11241100x800000000000000080405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.369656fa457074772021-12-17 11:28:01.065root 11241100x800000000000000080406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12a9324ba00968932021-12-17 11:28:01.065root 11241100x800000000000000080407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfd3e818f515dd022021-12-17 11:28:01.065root 11241100x800000000000000080408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfed04646107a8ad2021-12-17 11:28:01.065root 11241100x800000000000000080409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b47b81a838c0b9f72021-12-17 11:28:01.065root 11241100x800000000000000080410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9200425ccbd9b3f92021-12-17 11:28:01.065root 11241100x800000000000000080411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86f9d7539bee609a2021-12-17 11:28:01.065root 11241100x800000000000000080412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f1927c7c31e50a62021-12-17 11:28:01.066root 11241100x800000000000000080413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.124b2dde98c7b8252021-12-17 11:28:01.558root 11241100x800000000000000080414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e08377a2d7995fe32021-12-17 11:28:01.558root 11241100x800000000000000080415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bd1b6d5d63344d82021-12-17 11:28:01.559root 11241100x800000000000000080416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb247a6bb9eeba592021-12-17 11:28:01.559root 11241100x800000000000000080417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7a33dbe2cf1e0792021-12-17 11:28:01.559root 11241100x800000000000000080418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.727405719c0ddf772021-12-17 11:28:01.559root 11241100x800000000000000080419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c16eb4e3ed494bcd2021-12-17 11:28:01.559root 11241100x800000000000000080420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15bc43194835bb372021-12-17 11:28:01.559root 11241100x800000000000000080421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2f70163662d25d62021-12-17 11:28:01.559root 11241100x800000000000000080422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3664d13011bea0bd2021-12-17 11:28:01.560root 11241100x800000000000000080423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9562b318f4579ea92021-12-17 11:28:01.560root 11241100x800000000000000080424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8029dc84a5f38932021-12-17 11:28:01.560root 11241100x800000000000000080425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afce570bb1b526ec2021-12-17 11:28:01.560root 11241100x800000000000000080426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be4e3a4bad5101942021-12-17 11:28:01.560root 11241100x800000000000000080427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.876259caa14c0c9f2021-12-17 11:28:01.560root 11241100x800000000000000080428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a24d956b29d223cf2021-12-17 11:28:01.561root 11241100x800000000000000080429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66c13f858dd9e0722021-12-17 11:28:01.561root 11241100x800000000000000080430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.438f9ecaa339d4172021-12-17 11:28:01.561root 11241100x800000000000000080431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17dbb5753969a6722021-12-17 11:28:01.561root 11241100x800000000000000080432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b802945cbb969f332021-12-17 11:28:01.561root 11241100x800000000000000080433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67b08c0fb1044ba12021-12-17 11:28:01.561root 11241100x800000000000000080434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f577e3e45d81c6592021-12-17 11:28:01.561root 11241100x800000000000000080435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e01d85a5998215fe2021-12-17 11:28:01.561root 11241100x800000000000000080436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80bdb467dd9d0b212021-12-17 11:28:01.561root 11241100x800000000000000080437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44bf32c6205306532021-12-17 11:28:01.561root 11241100x800000000000000080438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.219975787b8896952021-12-17 11:28:01.561root 11241100x800000000000000080439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5fa82d74f998dee2021-12-17 11:28:01.562root 11241100x800000000000000080440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc563eedce368a9f2021-12-17 11:28:01.562root 11241100x800000000000000080441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ae8a1e976ea1fea2021-12-17 11:28:01.562root 11241100x800000000000000080442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccf61fc4b37856352021-12-17 11:28:01.562root 11241100x800000000000000080443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbec122302f9dc0c2021-12-17 11:28:01.562root 11241100x800000000000000080444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc7f0dd909bf6a242021-12-17 11:28:01.562root 11241100x800000000000000080445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0681badfc510e5102021-12-17 11:28:01.563root 11241100x800000000000000080446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27d2756598cc0fa52021-12-17 11:28:01.563root 11241100x800000000000000080447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.067fbe15f79aff272021-12-17 11:28:01.563root 11241100x800000000000000080448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46e89cadad046d7c2021-12-17 11:28:01.563root 11241100x800000000000000080449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff21b512460c75872021-12-17 11:28:01.563root 11241100x800000000000000080450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.514c8f7a177a31d82021-12-17 11:28:01.563root 11241100x800000000000000080451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.465981a6db5bdd9e2021-12-17 11:28:01.564root 11241100x800000000000000080452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d745fb2bdcd6183e2021-12-17 11:28:01.564root 11241100x800000000000000080453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df205e5dd99094432021-12-17 11:28:01.564root 11241100x800000000000000080454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90ca9cea630519cf2021-12-17 11:28:01.564root 11241100x800000000000000080455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0dde54da7a4b8b12021-12-17 11:28:01.564root 11241100x800000000000000080456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.135ac3222965c4742021-12-17 11:28:01.564root 11241100x800000000000000080457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f86226e1c84113b2021-12-17 11:28:01.564root 11241100x800000000000000080458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76813f8ffb8f04d52021-12-17 11:28:01.564root 11241100x800000000000000080459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2b310952ec9cce12021-12-17 11:28:01.565root 11241100x800000000000000080460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:01.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4884fabd37155ef22021-12-17 11:28:01.565root 11241100x800000000000000080461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7efeeab467aced942021-12-17 11:28:02.056root 11241100x800000000000000080462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a69809f049f95a702021-12-17 11:28:02.057root 11241100x800000000000000080463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8024f12cb734eda2021-12-17 11:28:02.057root 11241100x800000000000000080464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eccbf0dc99574d602021-12-17 11:28:02.058root 11241100x800000000000000080465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.906ea2852bcf20c62021-12-17 11:28:02.058root 11241100x800000000000000080466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2671f209a2f72a82021-12-17 11:28:02.059root 11241100x800000000000000080467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a846e9cff527d5e2021-12-17 11:28:02.059root 11241100x800000000000000080468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.853aa4a0f433bcf82021-12-17 11:28:02.059root 11241100x800000000000000080469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc9e8c81c92e0b452021-12-17 11:28:02.059root 11241100x800000000000000080470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c190d2cc078e238f2021-12-17 11:28:02.059root 11241100x800000000000000080471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa9aea48bf40db2a2021-12-17 11:28:02.059root 11241100x800000000000000080472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.755335e32d0879d42021-12-17 11:28:02.060root 11241100x800000000000000080473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11fa0ba06f55129c2021-12-17 11:28:02.060root 11241100x800000000000000080474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b69903140dd066e82021-12-17 11:28:02.060root 11241100x800000000000000080475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d01b0c3fe4fb68cc2021-12-17 11:28:02.060root 11241100x800000000000000080476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd1948c2abf8ca322021-12-17 11:28:02.060root 11241100x800000000000000080477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9279ce73861500b62021-12-17 11:28:02.060root 11241100x800000000000000080478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaa5273a9e5700222021-12-17 11:28:02.060root 11241100x800000000000000080479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37f7187a6a9fcb912021-12-17 11:28:02.060root 11241100x800000000000000080480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.babd28096aca9a102021-12-17 11:28:02.060root 11241100x800000000000000080481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a545b1bf32637d92021-12-17 11:28:02.060root 11241100x800000000000000080482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fefcbe8cae8d516f2021-12-17 11:28:02.060root 11241100x800000000000000080483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab5d11baf63e7b382021-12-17 11:28:02.061root 11241100x800000000000000080484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6056740e7d14612e2021-12-17 11:28:02.061root 11241100x800000000000000080485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be021d020708a3eb2021-12-17 11:28:02.061root 11241100x800000000000000080486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b90282cae6fec782021-12-17 11:28:02.061root 11241100x800000000000000080487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a011f1052f2bbdb2021-12-17 11:28:02.061root 11241100x800000000000000080488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90f0de604d2ffac42021-12-17 11:28:02.061root 11241100x800000000000000080489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23081ae8d044efdf2021-12-17 11:28:02.061root 11241100x800000000000000080490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6af7300067cfd8002021-12-17 11:28:02.061root 11241100x800000000000000080491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.724575cc65d40a682021-12-17 11:28:02.061root 11241100x800000000000000080492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97d1c079d17601092021-12-17 11:28:02.061root 11241100x800000000000000080493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc75e97efa41f6f32021-12-17 11:28:02.062root 11241100x800000000000000080494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02d05a019d894ce62021-12-17 11:28:02.062root 11241100x800000000000000080495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c99bb08e9f985aa2021-12-17 11:28:02.062root 11241100x800000000000000080496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82d870e225bc0acc2021-12-17 11:28:02.062root 11241100x800000000000000080497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f72dc9e4ed2ff9442021-12-17 11:28:02.062root 11241100x800000000000000080498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5482b8e24dea958d2021-12-17 11:28:02.063root 11241100x800000000000000080499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52282200261195452021-12-17 11:28:02.063root 11241100x800000000000000080500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b42b985e1e5248392021-12-17 11:28:02.063root 11241100x800000000000000080501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3aecc670f552bfda2021-12-17 11:28:02.063root 11241100x800000000000000080502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cfc59d2969afb5e2021-12-17 11:28:02.063root 11241100x800000000000000080503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5654422513f568702021-12-17 11:28:02.063root 11241100x800000000000000080504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0983a121e1c89c572021-12-17 11:28:02.064root 11241100x800000000000000080505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0db0a661852ef6802021-12-17 11:28:02.064root 11241100x800000000000000080506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.649bc0525614f5202021-12-17 11:28:02.064root 11241100x800000000000000080507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aec2f5c5965b60b2021-12-17 11:28:02.064root 11241100x800000000000000080508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.554ee0b99785729c2021-12-17 11:28:02.064root 11241100x800000000000000080509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f3f4d52175b5b032021-12-17 11:28:02.064root 11241100x800000000000000080510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08d28462b667bd262021-12-17 11:28:02.064root 11241100x800000000000000080511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab71c2bc34fc6aa92021-12-17 11:28:02.064root 11241100x800000000000000080512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56ec51c741eca5fc2021-12-17 11:28:02.064root 11241100x800000000000000080513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fcb4cab6ea00d782021-12-17 11:28:02.558root 11241100x800000000000000080514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0ca9f4a2cc4a0862021-12-17 11:28:02.558root 11241100x800000000000000080515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53914eca54f696d82021-12-17 11:28:02.558root 11241100x800000000000000080516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ecb1870d7f949432021-12-17 11:28:02.558root 11241100x800000000000000080517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea48f203ba2f61fa2021-12-17 11:28:02.559root 11241100x800000000000000080518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe19f7b33cf7a77e2021-12-17 11:28:02.559root 11241100x800000000000000080519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8df3300e609e524c2021-12-17 11:28:02.559root 11241100x800000000000000080520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcd91a10629802fe2021-12-17 11:28:02.559root 11241100x800000000000000080521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edf2a7f7625b42282021-12-17 11:28:02.559root 11241100x800000000000000080522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeeac62343973ff52021-12-17 11:28:02.559root 11241100x800000000000000080523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8eccb39861e45542021-12-17 11:28:02.559root 11241100x800000000000000080524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7703a135f21c64f82021-12-17 11:28:02.559root 11241100x800000000000000080525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7193b7a971bd9d112021-12-17 11:28:02.560root 11241100x800000000000000080526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8961604e43eba8002021-12-17 11:28:02.560root 11241100x800000000000000080527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.835ff416517199172021-12-17 11:28:02.560root 11241100x800000000000000080528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af46272c3decfb4b2021-12-17 11:28:02.560root 11241100x800000000000000080529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81a038360131e5612021-12-17 11:28:02.560root 11241100x800000000000000080530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82a80771689529272021-12-17 11:28:02.560root 11241100x800000000000000080531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2552407f525a66a2021-12-17 11:28:02.560root 11241100x800000000000000080532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b07673fb05901ee2021-12-17 11:28:02.560root 11241100x800000000000000080533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcb00eb8729cf5352021-12-17 11:28:02.560root 11241100x800000000000000080534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47754f5579a234d12021-12-17 11:28:02.560root 11241100x800000000000000080535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fccce2b0441a8942021-12-17 11:28:02.560root 11241100x800000000000000080536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1386758353a189732021-12-17 11:28:02.561root 11241100x800000000000000080537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec5e0bac2db231e42021-12-17 11:28:02.561root 11241100x800000000000000080538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a361753bc0cc22922021-12-17 11:28:02.561root 11241100x800000000000000080539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66760c96e9785ecf2021-12-17 11:28:02.561root 11241100x800000000000000080540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5ac6944e8bd05482021-12-17 11:28:02.561root 11241100x800000000000000080541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e176ae5d0bdff3ad2021-12-17 11:28:02.561root 11241100x800000000000000080542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8705e5c2a99368272021-12-17 11:28:02.561root 11241100x800000000000000080543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c13f04b026591c72021-12-17 11:28:02.561root 11241100x800000000000000080544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3057bdcc0a0843d82021-12-17 11:28:02.561root 11241100x800000000000000080545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.679ef65264a30d332021-12-17 11:28:02.561root 11241100x800000000000000080546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4dc393b3008406502021-12-17 11:28:02.562root 11241100x800000000000000080547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a895740575d259082021-12-17 11:28:02.562root 11241100x800000000000000080548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72956781b657e72d2021-12-17 11:28:02.562root 11241100x800000000000000080549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee5471b39b76bffa2021-12-17 11:28:02.562root 11241100x800000000000000080550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fffdabd2a25f07682021-12-17 11:28:02.562root 11241100x800000000000000080551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae8d5d9cf6ddb16a2021-12-17 11:28:02.562root 11241100x800000000000000080552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd384061d457465f2021-12-17 11:28:02.562root 11241100x800000000000000080553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d05d4f7a98653c162021-12-17 11:28:02.562root 11241100x800000000000000080554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6ca335871ebf52b2021-12-17 11:28:02.562root 11241100x800000000000000080555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10e4fb979cc569332021-12-17 11:28:02.562root 11241100x800000000000000080556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2ea737dae3267622021-12-17 11:28:02.562root 11241100x800000000000000080557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c44e69c4ea6258da2021-12-17 11:28:02.563root 11241100x800000000000000080558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7c785233f8264382021-12-17 11:28:02.563root 11241100x800000000000000080559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ae6c95aba7aaadb2021-12-17 11:28:02.563root 11241100x800000000000000080560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:02.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1b6479ecb01b1932021-12-17 11:28:02.563root 11241100x800000000000000080561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d8e6322cad8a7f12021-12-17 11:28:03.058root 11241100x800000000000000080562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3459838a0dc71d82021-12-17 11:28:03.058root 11241100x800000000000000080563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41d223d4151093ae2021-12-17 11:28:03.058root 11241100x800000000000000080564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f14fe43d1219ad6e2021-12-17 11:28:03.058root 11241100x800000000000000080565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5f551a33010fb3a2021-12-17 11:28:03.059root 11241100x800000000000000080566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaa22b1c7d5335d72021-12-17 11:28:03.059root 11241100x800000000000000080567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9056511b0096b3292021-12-17 11:28:03.059root 11241100x800000000000000080568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e40ace42ac7fbc152021-12-17 11:28:03.059root 11241100x800000000000000080569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65d15d54e45c4bd32021-12-17 11:28:03.059root 11241100x800000000000000080570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a7583b648894bcf2021-12-17 11:28:03.059root 11241100x800000000000000080571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d7aecafe07c81682021-12-17 11:28:03.059root 11241100x800000000000000080572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff22b9ae5b219f922021-12-17 11:28:03.059root 11241100x800000000000000080573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbc6cd128867a89f2021-12-17 11:28:03.059root 11241100x800000000000000080574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6ed860cff1a8de82021-12-17 11:28:03.059root 11241100x800000000000000080575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ecd3f8ef10a2cdc2021-12-17 11:28:03.059root 11241100x800000000000000080576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7674952820ebf4c82021-12-17 11:28:03.059root 11241100x800000000000000080577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e78b4a9eb9438842021-12-17 11:28:03.059root 11241100x800000000000000080578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea4442f5cdabb9292021-12-17 11:28:03.059root 11241100x800000000000000080579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.516c9809eef0d1dd2021-12-17 11:28:03.059root 11241100x800000000000000080580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4dece40ca2d8e7d02021-12-17 11:28:03.060root 11241100x800000000000000080581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec0b981f709eee292021-12-17 11:28:03.060root 11241100x800000000000000080582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dff79b3122b596742021-12-17 11:28:03.060root 11241100x800000000000000080583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a96d01e84c28e342021-12-17 11:28:03.060root 11241100x800000000000000080584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53594089f89208772021-12-17 11:28:03.060root 11241100x800000000000000080585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3eb4be91fc5e41d02021-12-17 11:28:03.060root 11241100x800000000000000080586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.943b89d483d386112021-12-17 11:28:03.060root 11241100x800000000000000080587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d3a6820d50cda592021-12-17 11:28:03.060root 11241100x800000000000000080588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35c5ce7b29d125c22021-12-17 11:28:03.060root 11241100x800000000000000080589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ac0387eca7510bc2021-12-17 11:28:03.060root 11241100x800000000000000080590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd72d8952c5bb0962021-12-17 11:28:03.060root 11241100x800000000000000080591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c34662830f70d352021-12-17 11:28:03.060root 11241100x800000000000000080592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25e877baefa5e1b52021-12-17 11:28:03.060root 11241100x800000000000000080593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ec69276f2b25dc22021-12-17 11:28:03.060root 11241100x800000000000000080594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60f64646766b1a452021-12-17 11:28:03.060root 11241100x800000000000000080595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9166e02141dc4542021-12-17 11:28:03.060root 11241100x800000000000000080596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e79093fd854562262021-12-17 11:28:03.061root 11241100x800000000000000080597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce76684c6d719dfb2021-12-17 11:28:03.061root 11241100x800000000000000080598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f07c350898f37b62021-12-17 11:28:03.061root 11241100x800000000000000080599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6842ff2d36413cc12021-12-17 11:28:03.061root 11241100x800000000000000080600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46ac0e1cc7dc66df2021-12-17 11:28:03.061root 11241100x800000000000000080601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d33a18c13a51b7f2021-12-17 11:28:03.061root 11241100x800000000000000080602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.162f6ecb6250fd592021-12-17 11:28:03.061root 11241100x800000000000000080603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20e15d03f8821c6a2021-12-17 11:28:03.061root 11241100x800000000000000080604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33942d70a76022d92021-12-17 11:28:03.061root 11241100x800000000000000080605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee48f72b4d760ef52021-12-17 11:28:03.061root 11241100x800000000000000080606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c06437319fa70522021-12-17 11:28:03.061root 11241100x800000000000000080607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6d6a401153ad0342021-12-17 11:28:03.061root 11241100x800000000000000080608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb09254c664875872021-12-17 11:28:03.061root 23542300x800000000000000080609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.190{ec28ba6a-709b-61bc-30d8-78dfe0550000}5175root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000080610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.223{ec28ba6a-70a3-61bc-5175-3a0400000000}5248/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-42960-false10.0.1.12-8000- 11241100x800000000000000080611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c8025885aab14fd2021-12-17 11:28:03.558root 11241100x800000000000000080612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73910d386a19dff82021-12-17 11:28:03.558root 11241100x800000000000000080613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c15a16b806331302021-12-17 11:28:03.559root 11241100x800000000000000080614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29a676f84f093bbc2021-12-17 11:28:03.559root 11241100x800000000000000080615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4192c67b13eca0022021-12-17 11:28:03.559root 11241100x800000000000000080616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b15d66f845b2e9f2021-12-17 11:28:03.559root 11241100x800000000000000080617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00c2158f853722bb2021-12-17 11:28:03.559root 11241100x800000000000000080618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.120a0e5002fa264c2021-12-17 11:28:03.559root 11241100x800000000000000080619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be988ac416695c312021-12-17 11:28:03.559root 11241100x800000000000000080620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf0c16cb363c44e52021-12-17 11:28:03.559root 11241100x800000000000000080621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3758f0465e9f3f982021-12-17 11:28:03.559root 11241100x800000000000000080622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35d7df5ab1f2ef152021-12-17 11:28:03.559root 11241100x800000000000000080623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2d51b8b0010fe392021-12-17 11:28:03.559root 11241100x800000000000000080624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df14bab0b73dc2762021-12-17 11:28:03.560root 11241100x800000000000000080625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c101cecee44415e2021-12-17 11:28:03.560root 11241100x800000000000000080626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f57af188d407352f2021-12-17 11:28:03.560root 11241100x800000000000000080627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34309fa93eea8a4a2021-12-17 11:28:03.560root 11241100x800000000000000080628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fe3f9912a14459d2021-12-17 11:28:03.560root 11241100x800000000000000080629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c29cb9ed990105682021-12-17 11:28:03.560root 11241100x800000000000000080630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef3a21e567ede2d42021-12-17 11:28:03.560root 11241100x800000000000000080631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.117c37c18a1c93182021-12-17 11:28:03.560root 11241100x800000000000000080632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ff305750feb50c32021-12-17 11:28:03.560root 11241100x800000000000000080633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.760e090d9ed5e9fc2021-12-17 11:28:03.560root 11241100x800000000000000080634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86a34e03bd9e47e32021-12-17 11:28:03.560root 11241100x800000000000000080635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51e282e29c3179bc2021-12-17 11:28:03.560root 11241100x800000000000000080636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5050ed304a4d673a2021-12-17 11:28:03.560root 11241100x800000000000000080637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c7360a73abbd36c2021-12-17 11:28:03.561root 11241100x800000000000000080638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f87b6791ee81aa42021-12-17 11:28:03.561root 11241100x800000000000000080639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a22cba426da54f42021-12-17 11:28:03.561root 11241100x800000000000000080640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c36c69132bf2065f2021-12-17 11:28:03.561root 11241100x800000000000000080641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.358811b6bf2854892021-12-17 11:28:03.561root 11241100x800000000000000080642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c10ff0b0e370216c2021-12-17 11:28:03.561root 11241100x800000000000000080643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8950276847543232021-12-17 11:28:03.561root 11241100x800000000000000080644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3317acbce098a9192021-12-17 11:28:03.561root 11241100x800000000000000080645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09666d3820009d392021-12-17 11:28:03.561root 11241100x800000000000000080646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2742facf251906922021-12-17 11:28:03.561root 11241100x800000000000000080647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6fc4072eebea5572021-12-17 11:28:03.561root 11241100x800000000000000080648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33dbe4f96ac6b9902021-12-17 11:28:03.561root 11241100x800000000000000080649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbe981b195b90f982021-12-17 11:28:03.561root 11241100x800000000000000080650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2a9e1a9667354822021-12-17 11:28:03.561root 11241100x800000000000000080651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a77d06cd4a28c9362021-12-17 11:28:03.562root 11241100x800000000000000080652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68ee45cbc25e9c842021-12-17 11:28:03.562root 11241100x800000000000000080653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43f3e6ae6f4080752021-12-17 11:28:03.562root 11241100x800000000000000080654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f81fd9b2d9c628ef2021-12-17 11:28:03.562root 11241100x800000000000000080655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ded8a25011b57ad42021-12-17 11:28:03.562root 11241100x800000000000000080656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06cf9eb9bc1064122021-12-17 11:28:03.562root 11241100x800000000000000080657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26b4a604ec561e122021-12-17 11:28:03.562root 11241100x800000000000000080658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54d0358a7adfafda2021-12-17 11:28:03.562root 11241100x800000000000000080659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.109d77666cf223112021-12-17 11:28:03.562root 11241100x800000000000000080660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:03.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7eb6a0db406cffd2021-12-17 11:28:03.562root 11241100x800000000000000080661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44fd9442309e27ca2021-12-17 11:28:04.057root 11241100x800000000000000080662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e17bb465d84b40512021-12-17 11:28:04.057root 11241100x800000000000000080663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.123909a9ca5262f72021-12-17 11:28:04.057root 11241100x800000000000000080664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6803842cc79699812021-12-17 11:28:04.057root 11241100x800000000000000080665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b4af192f15334172021-12-17 11:28:04.057root 11241100x800000000000000080666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e610de7862a5ffd82021-12-17 11:28:04.057root 11241100x800000000000000080667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7025741aedd74df62021-12-17 11:28:04.058root 11241100x800000000000000080668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82de57c8b056d3352021-12-17 11:28:04.058root 11241100x800000000000000080669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef72619d5fb683552021-12-17 11:28:04.058root 11241100x800000000000000080670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6b850a7ae72acf02021-12-17 11:28:04.058root 11241100x800000000000000080671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b63158cc270e48532021-12-17 11:28:04.058root 11241100x800000000000000080672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fef40929fd415f32021-12-17 11:28:04.058root 11241100x800000000000000080673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7689a87c632b4892021-12-17 11:28:04.058root 11241100x800000000000000080674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56e596708dbcd2942021-12-17 11:28:04.058root 11241100x800000000000000080675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63ea7638802c8ac92021-12-17 11:28:04.058root 11241100x800000000000000080676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05dd1130c7d4f2072021-12-17 11:28:04.059root 11241100x800000000000000080677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06273c68b3580f6e2021-12-17 11:28:04.059root 11241100x800000000000000080678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ffc8981e0e4692f2021-12-17 11:28:04.059root 11241100x800000000000000080679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de1ed0fd3d477d052021-12-17 11:28:04.060root 11241100x800000000000000080680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ebd53712a4a40fd2021-12-17 11:28:04.060root 11241100x800000000000000080681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c83d4d2d481768202021-12-17 11:28:04.060root 11241100x800000000000000080682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3007e8f8a23daf0b2021-12-17 11:28:04.060root 11241100x800000000000000080683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.900a1b18a7763b982021-12-17 11:28:04.060root 11241100x800000000000000080684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7afe3190f5f8d2282021-12-17 11:28:04.060root 11241100x800000000000000080685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b245874cc90903172021-12-17 11:28:04.060root 11241100x800000000000000080686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96f2162ea1d0d4e62021-12-17 11:28:04.061root 11241100x800000000000000080687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de01c851164c9b372021-12-17 11:28:04.061root 11241100x800000000000000080688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63905fb2fe992c702021-12-17 11:28:04.061root 11241100x800000000000000080689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0512462fc71f11de2021-12-17 11:28:04.061root 11241100x800000000000000080690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6a9444a265347fe2021-12-17 11:28:04.061root 11241100x800000000000000080691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f7cffe50603170e2021-12-17 11:28:04.062root 11241100x800000000000000080692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8d9067bac88d5ea2021-12-17 11:28:04.062root 11241100x800000000000000080693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57e28ff722eba3062021-12-17 11:28:04.062root 11241100x800000000000000080694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e40d041c942d8ed32021-12-17 11:28:04.062root 11241100x800000000000000080695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78751a0464dafe0d2021-12-17 11:28:04.062root 11241100x800000000000000080696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.870de844668f3f1d2021-12-17 11:28:04.062root 11241100x800000000000000080697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.981acb067a83c1d22021-12-17 11:28:04.063root 11241100x800000000000000080698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67009d531a7cb84f2021-12-17 11:28:04.063root 11241100x800000000000000080699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f5020aa868224ed2021-12-17 11:28:04.063root 11241100x800000000000000080700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3e397f758b909792021-12-17 11:28:04.064root 11241100x800000000000000080701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf56e48ef3d2474f2021-12-17 11:28:04.064root 11241100x800000000000000080702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.521f775582524b502021-12-17 11:28:04.064root 11241100x800000000000000080703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.932997778fb760092021-12-17 11:28:04.064root 11241100x800000000000000080704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5295476e348c7f0b2021-12-17 11:28:04.064root 11241100x800000000000000080705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b652715f661872f32021-12-17 11:28:04.064root 11241100x800000000000000080706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbe1c78f0a2daff22021-12-17 11:28:04.064root 11241100x800000000000000080707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.832c96183018d29c2021-12-17 11:28:04.064root 11241100x800000000000000080708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afbbde522364119c2021-12-17 11:28:04.065root 11241100x800000000000000080709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f789a3e2f2e42552021-12-17 11:28:04.065root 11241100x800000000000000080710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a7f6e4ab53a90aa2021-12-17 11:28:04.065root 11241100x800000000000000080711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.722b5dc19245938d2021-12-17 11:28:04.065root 11241100x800000000000000080712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d059924318b9c6de2021-12-17 11:28:04.065root 11241100x800000000000000080713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39f20b86aebf5bb42021-12-17 11:28:04.066root 11241100x800000000000000080714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.205748d5ada4a3c12021-12-17 11:28:04.067root 11241100x800000000000000080715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.587bdfc5dbb45c602021-12-17 11:28:04.067root 11241100x800000000000000080716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71eb0db154e68a4b2021-12-17 11:28:04.067root 11241100x800000000000000080717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80130346a280b6362021-12-17 11:28:04.067root 11241100x800000000000000080718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6dd7240261523082021-12-17 11:28:04.067root 11241100x800000000000000080719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88f4f95cb8efee972021-12-17 11:28:04.557root 11241100x800000000000000080720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05da00f194b9dfaa2021-12-17 11:28:04.557root 11241100x800000000000000080721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c3e8361645894862021-12-17 11:28:04.557root 11241100x800000000000000080722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df033226006b51042021-12-17 11:28:04.557root 11241100x800000000000000080723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba8b362566722f642021-12-17 11:28:04.558root 11241100x800000000000000080724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bc4f543a724feba2021-12-17 11:28:04.558root 11241100x800000000000000080725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34cb2366937477fb2021-12-17 11:28:04.558root 11241100x800000000000000080726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.176e091a56572bde2021-12-17 11:28:04.558root 11241100x800000000000000080727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.545c0c83e5ac75202021-12-17 11:28:04.558root 11241100x800000000000000080728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38dcf5e55fc60d7e2021-12-17 11:28:04.558root 11241100x800000000000000080729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5098334df21897d62021-12-17 11:28:04.559root 11241100x800000000000000080730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1afe1b7cc764dfd82021-12-17 11:28:04.559root 11241100x800000000000000080731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ff5b2510a38146a2021-12-17 11:28:04.559root 11241100x800000000000000080732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7de28ffb645ac2642021-12-17 11:28:04.559root 11241100x800000000000000080733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.094a9cbc2927bf532021-12-17 11:28:04.559root 11241100x800000000000000080734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d55f4d1fcf1ffa4d2021-12-17 11:28:04.559root 11241100x800000000000000080735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fa69c75b23dc2972021-12-17 11:28:04.559root 11241100x800000000000000080736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a483d04ee6b4238e2021-12-17 11:28:04.559root 11241100x800000000000000080737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62e1c9f773b332602021-12-17 11:28:04.559root 11241100x800000000000000080738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e6fb6b92df01c5c2021-12-17 11:28:04.559root 11241100x800000000000000080739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.131b8b0099effdf12021-12-17 11:28:04.560root 11241100x800000000000000080740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.316d525192f861552021-12-17 11:28:04.560root 11241100x800000000000000080741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb3ea5e194805e742021-12-17 11:28:04.560root 11241100x800000000000000080742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.184d477d2c97413c2021-12-17 11:28:04.560root 11241100x800000000000000080743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa4333cc1ba061f42021-12-17 11:28:04.560root 11241100x800000000000000080744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7beb4997303e50b52021-12-17 11:28:04.560root 11241100x800000000000000080745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e228a5e521afc8f72021-12-17 11:28:04.561root 11241100x800000000000000080746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a8e97acb32ba5542021-12-17 11:28:04.561root 11241100x800000000000000080747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f38cfb5be4ad99d2021-12-17 11:28:04.561root 11241100x800000000000000080748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d25a7f8691ac2242021-12-17 11:28:04.561root 11241100x800000000000000080749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.065befe843de0e302021-12-17 11:28:04.561root 11241100x800000000000000080750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c66bf8b1435bcfda2021-12-17 11:28:04.561root 11241100x800000000000000080751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7422da63cd439fd72021-12-17 11:28:04.561root 11241100x800000000000000080752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b7edb3db8519a112021-12-17 11:28:04.561root 11241100x800000000000000080753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea57ef305cac8c892021-12-17 11:28:04.561root 11241100x800000000000000080754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d4dc72c139185d22021-12-17 11:28:04.562root 11241100x800000000000000080755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d96d21cc93a496f2021-12-17 11:28:04.562root 11241100x800000000000000080756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d751c9b9cbf7268a2021-12-17 11:28:04.562root 11241100x800000000000000080757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c59cda2d01c3e9c72021-12-17 11:28:04.562root 11241100x800000000000000080758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bccf4f9a9f139c582021-12-17 11:28:04.562root 11241100x800000000000000080759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea249f5aaa4f7ca22021-12-17 11:28:04.562root 11241100x800000000000000080760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c6b779dc9924a3e2021-12-17 11:28:04.562root 11241100x800000000000000080761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c40c4d18c1ebba6f2021-12-17 11:28:04.562root 11241100x800000000000000080762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e7aa29b159855c32021-12-17 11:28:04.563root 11241100x800000000000000080763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9001186bbd146412021-12-17 11:28:04.563root 11241100x800000000000000080764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f6959a7fb37977d2021-12-17 11:28:04.563root 11241100x800000000000000080765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c6c55708dc684a92021-12-17 11:28:04.563root 11241100x800000000000000080766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f96f292d7ad129c2021-12-17 11:28:04.563root 11241100x800000000000000080767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb8876b861cbe0df2021-12-17 11:28:04.563root 11241100x800000000000000080768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.411bd0430a0294792021-12-17 11:28:04.563root 11241100x800000000000000080769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e34a2fe2f8f45a8d2021-12-17 11:28:04.563root 11241100x800000000000000080770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e11499f1cee0daf32021-12-17 11:28:04.563root 11241100x800000000000000080771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:04.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.014045101ecc12592021-12-17 11:28:04.563root 11241100x800000000000000080772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4f77c7f0e6ea0602021-12-17 11:28:05.057root 11241100x800000000000000080773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.215bc66d76e89e512021-12-17 11:28:05.057root 11241100x800000000000000080774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e994dfdb8f9ae7a82021-12-17 11:28:05.057root 11241100x800000000000000080775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6b23e1fee03ff322021-12-17 11:28:05.057root 11241100x800000000000000080776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dd1a8b44745c6932021-12-17 11:28:05.057root 11241100x800000000000000080777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d04238572049c56f2021-12-17 11:28:05.057root 11241100x800000000000000080778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02a862c0319d300b2021-12-17 11:28:05.057root 11241100x800000000000000080779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cb1c2e1e289bc212021-12-17 11:28:05.057root 11241100x800000000000000080780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a875a0fd9e6018db2021-12-17 11:28:05.058root 11241100x800000000000000080781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1cbf01dc1a09ae92021-12-17 11:28:05.058root 11241100x800000000000000080782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f928dab7c8270f292021-12-17 11:28:05.058root 11241100x800000000000000080783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10c5b3ff7b7bfa542021-12-17 11:28:05.058root 11241100x800000000000000080784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4813ee16294077f72021-12-17 11:28:05.058root 11241100x800000000000000080785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.115a6027887a837b2021-12-17 11:28:05.059root 11241100x800000000000000080786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46dea5eac3e8e4d02021-12-17 11:28:05.059root 11241100x800000000000000080787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a389cfb96ee0b7e52021-12-17 11:28:05.059root 11241100x800000000000000080788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a8b84470479ef302021-12-17 11:28:05.059root 11241100x800000000000000080789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cd0b7b1c62d94232021-12-17 11:28:05.059root 11241100x800000000000000080790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfd0f634f86331212021-12-17 11:28:05.059root 11241100x800000000000000080791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51c621a6eebcd4222021-12-17 11:28:05.059root 11241100x800000000000000080792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fc52140fb400a072021-12-17 11:28:05.059root 11241100x800000000000000080793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccde05e558fa83352021-12-17 11:28:05.060root 11241100x800000000000000080794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e50db559d0dbafc2021-12-17 11:28:05.060root 11241100x800000000000000080795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f88535f6dd71dc4c2021-12-17 11:28:05.060root 11241100x800000000000000080796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a1f06ff2a9a7e542021-12-17 11:28:05.060root 11241100x800000000000000080797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a851a053acf93ccc2021-12-17 11:28:05.061root 11241100x800000000000000080798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.888d09da357b4b182021-12-17 11:28:05.061root 11241100x800000000000000080799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f3e520faadb94e12021-12-17 11:28:05.061root 11241100x800000000000000080800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee68f69c78bc4e392021-12-17 11:28:05.061root 11241100x800000000000000080801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9981e59dfaa250872021-12-17 11:28:05.061root 11241100x800000000000000080802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b1f8d6788838c302021-12-17 11:28:05.061root 11241100x800000000000000080803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df96a28ce2cbdf212021-12-17 11:28:05.062root 11241100x800000000000000080804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b01c404af85df5f2021-12-17 11:28:05.062root 11241100x800000000000000080805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.761bb7363fd48d652021-12-17 11:28:05.063root 11241100x800000000000000080806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a146430e6563c92d2021-12-17 11:28:05.063root 11241100x800000000000000080807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb67a2d7d072eea82021-12-17 11:28:05.063root 11241100x800000000000000080808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3ebe7ac621bb1fd2021-12-17 11:28:05.063root 11241100x800000000000000080809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ed741b46d2f3f9c2021-12-17 11:28:05.063root 11241100x800000000000000080810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cbc0b0049d6738d2021-12-17 11:28:05.064root 11241100x800000000000000080811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1d11eff107aada32021-12-17 11:28:05.064root 11241100x800000000000000080812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e80a2de4263ff7b92021-12-17 11:28:05.064root 11241100x800000000000000080813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7e15a6242616ef02021-12-17 11:28:05.064root 11241100x800000000000000080814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fc6b5b63234019f2021-12-17 11:28:05.065root 11241100x800000000000000080815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7c75e34283c9d1b2021-12-17 11:28:05.065root 11241100x800000000000000080816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3c000f4602e91712021-12-17 11:28:05.065root 11241100x800000000000000080817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33344c7e13b0a9ab2021-12-17 11:28:05.065root 11241100x800000000000000080818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0135f7ba83ebfc82021-12-17 11:28:05.066root 11241100x800000000000000080819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63cfd699cce90b222021-12-17 11:28:05.066root 11241100x800000000000000080820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b765821b0828f992021-12-17 11:28:05.066root 11241100x800000000000000080821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43160ea634b87a5f2021-12-17 11:28:05.066root 11241100x800000000000000080822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04c0b4ef35af592a2021-12-17 11:28:05.066root 11241100x800000000000000080823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a52fafe8d605dd672021-12-17 11:28:05.067root 11241100x800000000000000080824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1c3afd16e5db6852021-12-17 11:28:05.067root 11241100x800000000000000080825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af6ebcc95d0049612021-12-17 11:28:05.067root 11241100x800000000000000080826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.075043e21a06d4852021-12-17 11:28:05.067root 11241100x800000000000000080827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.970182bf570692c92021-12-17 11:28:05.067root 11241100x800000000000000080828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c00583596aa2fbf2021-12-17 11:28:05.068root 11241100x800000000000000080829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.938f67a93807b96b2021-12-17 11:28:05.068root 11241100x800000000000000080830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9c063d9ec4ac4612021-12-17 11:28:05.068root 11241100x800000000000000080831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8703af85c163dad2021-12-17 11:28:05.068root 11241100x800000000000000080832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c11247aa2ed73bd2021-12-17 11:28:05.068root 11241100x800000000000000080833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcece03abe694b5b2021-12-17 11:28:05.069root 11241100x800000000000000080834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3762ba76ed47f892021-12-17 11:28:05.069root 11241100x800000000000000080835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9eccd7435acd5352021-12-17 11:28:05.069root 11241100x800000000000000080836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a49f121796d678f92021-12-17 11:28:05.069root 11241100x800000000000000080837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec52c23a4a558cf22021-12-17 11:28:05.069root 11241100x800000000000000080838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d53ce20afaafe6c22021-12-17 11:28:05.069root 11241100x800000000000000080839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de07f85250936ec32021-12-17 11:28:05.070root 11241100x800000000000000080840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.115966cf03ff549e2021-12-17 11:28:05.070root 11241100x800000000000000080841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f68c444cda45ca732021-12-17 11:28:05.070root 11241100x800000000000000080842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.883f94526f3dc7482021-12-17 11:28:05.070root 11241100x800000000000000080843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02d5ee6085a030fe2021-12-17 11:28:05.070root 11241100x800000000000000080844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44806340f7bee6552021-12-17 11:28:05.070root 11241100x800000000000000080845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf65e80b24a70e632021-12-17 11:28:05.070root 11241100x800000000000000080846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.becd75cb00cd058a2021-12-17 11:28:05.070root 11241100x800000000000000080847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79ffc25eb8de49f32021-12-17 11:28:05.070root 11241100x800000000000000080848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59768ce0d23a63db2021-12-17 11:28:05.070root 11241100x800000000000000080849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b06f347f9e7ffb12021-12-17 11:28:05.070root 11241100x800000000000000080850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9275d44428684ec32021-12-17 11:28:05.070root 11241100x800000000000000080851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.255d00cda66612df2021-12-17 11:28:05.071root 11241100x800000000000000080852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6ad34be8c4644172021-12-17 11:28:05.071root 11241100x800000000000000080853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3d2d30f2e7e90ae2021-12-17 11:28:05.071root 11241100x800000000000000080854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3b33e042fa5ba932021-12-17 11:28:05.071root 11241100x800000000000000080855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.212b2232b87ec9ff2021-12-17 11:28:05.071root 11241100x800000000000000080856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fd273a53ffcf3a32021-12-17 11:28:05.071root 11241100x800000000000000080857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c06c50441a0f10672021-12-17 11:28:05.071root 11241100x800000000000000080858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63d1319e1c54c7bc2021-12-17 11:28:05.071root 11241100x800000000000000080859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b5f94f99b4abd762021-12-17 11:28:05.071root 11241100x800000000000000080860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d302305f449128882021-12-17 11:28:05.071root 11241100x800000000000000080861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed431dca12f007cc2021-12-17 11:28:05.071root 11241100x800000000000000080862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28e688d447939f452021-12-17 11:28:05.071root 11241100x800000000000000080863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0b75a6781a6b0222021-12-17 11:28:05.071root 11241100x800000000000000080864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e441bddb1e6a43bd2021-12-17 11:28:05.071root 11241100x800000000000000080865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9368a7388bf385c92021-12-17 11:28:05.071root 11241100x800000000000000080866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8d9fbcf80518a662021-12-17 11:28:05.072root 11241100x800000000000000080867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f708d5b224c8d572021-12-17 11:28:05.072root 11241100x800000000000000080868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e19154047ad486c32021-12-17 11:28:05.072root 11241100x800000000000000080869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a4564800e7f43c02021-12-17 11:28:05.072root 11241100x800000000000000080870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf491ad0e61f60692021-12-17 11:28:05.072root 11241100x800000000000000080871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf7c4803fa3bd6312021-12-17 11:28:05.072root 11241100x800000000000000080872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11cd0416673f05cb2021-12-17 11:28:05.072root 11241100x800000000000000080873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be6b7926c363559d2021-12-17 11:28:05.072root 11241100x800000000000000080874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e421754c425b717e2021-12-17 11:28:05.072root 11241100x800000000000000080875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fe62043de740afa2021-12-17 11:28:05.072root 11241100x800000000000000080876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.547d2c753af9f4122021-12-17 11:28:05.072root 11241100x800000000000000080877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa3439ed804d25b72021-12-17 11:28:05.072root 11241100x800000000000000080878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ae91ae3ca3abc9c2021-12-17 11:28:05.073root 11241100x800000000000000080879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3def362e58890e492021-12-17 11:28:05.073root 11241100x800000000000000080880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f019a4a61fb08f722021-12-17 11:28:05.073root 11241100x800000000000000080881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9255fecd03f8a3d2021-12-17 11:28:05.557root 11241100x800000000000000080882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a625cd0783a1f002021-12-17 11:28:05.557root 11241100x800000000000000080883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e2821cb948a41b52021-12-17 11:28:05.557root 11241100x800000000000000080884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c56085765a35a8d2021-12-17 11:28:05.557root 11241100x800000000000000080885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.243a64fe2638c9382021-12-17 11:28:05.557root 11241100x800000000000000080886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.704ae9c04f8190882021-12-17 11:28:05.558root 11241100x800000000000000080887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c292078e18571c72021-12-17 11:28:05.558root 11241100x800000000000000080888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f9aff9912ce4a8a2021-12-17 11:28:05.558root 11241100x800000000000000080889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41f23c4e433e3f922021-12-17 11:28:05.558root 11241100x800000000000000080890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.499e8a0d96b5ab332021-12-17 11:28:05.558root 11241100x800000000000000080891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f73de1fa7bebdd432021-12-17 11:28:05.558root 11241100x800000000000000080892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82653bf5fd5f1f382021-12-17 11:28:05.558root 11241100x800000000000000080893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1986ffc8f344fb182021-12-17 11:28:05.558root 11241100x800000000000000080894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5eb67f84dd334cc2021-12-17 11:28:05.559root 11241100x800000000000000080895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78af9cd5113d9eac2021-12-17 11:28:05.559root 11241100x800000000000000080896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b81bada15eece5e82021-12-17 11:28:05.559root 11241100x800000000000000080897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bb5f38d05a3a94f2021-12-17 11:28:05.559root 11241100x800000000000000080898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8034bd37c6b2799b2021-12-17 11:28:05.559root 11241100x800000000000000080899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.062871ee1670414b2021-12-17 11:28:05.559root 11241100x800000000000000080900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41a39f301d0bc07e2021-12-17 11:28:05.559root 11241100x800000000000000080901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cef7d78f88910a572021-12-17 11:28:05.559root 11241100x800000000000000080902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93c7b27ec90fb1632021-12-17 11:28:05.560root 11241100x800000000000000080903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a79428ed60780a42021-12-17 11:28:05.561root 11241100x800000000000000080904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38b492b542c720252021-12-17 11:28:05.561root 11241100x800000000000000080905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbd1cda3af92f55f2021-12-17 11:28:05.561root 11241100x800000000000000080906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d421d1812bad67812021-12-17 11:28:05.562root 11241100x800000000000000080907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccd796a2e82e313c2021-12-17 11:28:05.562root 11241100x800000000000000080908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02818942cb7187232021-12-17 11:28:05.563root 11241100x800000000000000080909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f5a8c8e19e2a26f2021-12-17 11:28:05.563root 11241100x800000000000000080910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e498972816d73882021-12-17 11:28:05.564root 11241100x800000000000000080911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b5505b04f8da9ea2021-12-17 11:28:05.564root 11241100x800000000000000080912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3072ee02ab8b28fe2021-12-17 11:28:05.564root 11241100x800000000000000080913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca8022b61402f1ae2021-12-17 11:28:05.564root 11241100x800000000000000080914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eedad50b1d8bf3b02021-12-17 11:28:05.564root 11241100x800000000000000080915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0234e12b6c64aa42021-12-17 11:28:05.564root 11241100x800000000000000080916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a49026e8b79d9daa2021-12-17 11:28:05.564root 11241100x800000000000000080917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c70d4f78d0fe98862021-12-17 11:28:05.564root 11241100x800000000000000080918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f52d0ba65775ac92021-12-17 11:28:05.565root 11241100x800000000000000080919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1ad027c6410de102021-12-17 11:28:05.565root 11241100x800000000000000080920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0abb4fce3690ad592021-12-17 11:28:05.565root 11241100x800000000000000080921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a169ae90eb2b4b0b2021-12-17 11:28:05.565root 11241100x800000000000000080922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5d01a87210c8f052021-12-17 11:28:05.565root 11241100x800000000000000080923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d078e634ed5cbbc2021-12-17 11:28:05.565root 11241100x800000000000000080924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4ae12dbeda42ad02021-12-17 11:28:05.565root 11241100x800000000000000080925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc6d07b36b316dab2021-12-17 11:28:05.566root 11241100x800000000000000080926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6742123c802c68f02021-12-17 11:28:05.566root 11241100x800000000000000080927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.178a4211b53947ab2021-12-17 11:28:05.566root 11241100x800000000000000080928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1c7bd383c94d6372021-12-17 11:28:05.567root 11241100x800000000000000080929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.472d8e621f2e03ff2021-12-17 11:28:05.567root 11241100x800000000000000080930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47f015b2511483402021-12-17 11:28:05.567root 11241100x800000000000000080931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14adb12c2ba2cd4a2021-12-17 11:28:05.567root 11241100x800000000000000080932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.096d1a9ef923b4c02021-12-17 11:28:05.567root 11241100x800000000000000080933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51e470b6611d08c12021-12-17 11:28:05.567root 11241100x800000000000000080934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e76651b40fe7322021-12-17 11:28:05.569root 11241100x800000000000000080935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:05.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ac2ee4e2e40e3582021-12-17 11:28:05.569root 11241100x800000000000000080936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3afbef696bda39b52021-12-17 11:28:06.057root 11241100x800000000000000080937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66034d606aa10fe02021-12-17 11:28:06.057root 11241100x800000000000000080938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0cdd3b87b1c177c2021-12-17 11:28:06.057root 11241100x800000000000000080939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5319ed96d2e10b112021-12-17 11:28:06.057root 11241100x800000000000000080940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c212f69f201d6a452021-12-17 11:28:06.058root 11241100x800000000000000080941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78faa1144dc2c85a2021-12-17 11:28:06.058root 11241100x800000000000000080942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cccae581c4f76e772021-12-17 11:28:06.058root 11241100x800000000000000080943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7eb2d543185f59c52021-12-17 11:28:06.058root 11241100x800000000000000080944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c2466a4d3d862ba2021-12-17 11:28:06.058root 11241100x800000000000000080945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3bade991229ed322021-12-17 11:28:06.059root 11241100x800000000000000080946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96b3bf5b573240382021-12-17 11:28:06.059root 11241100x800000000000000080947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.399c9304dfb1dca72021-12-17 11:28:06.059root 11241100x800000000000000080948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22a25439115dd53a2021-12-17 11:28:06.059root 11241100x800000000000000080949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24704758234a99a82021-12-17 11:28:06.059root 11241100x800000000000000080950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8e5865cffd6e7932021-12-17 11:28:06.059root 11241100x800000000000000080951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19703b0781fddd322021-12-17 11:28:06.060root 11241100x800000000000000080952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9a850d4b2fd74d12021-12-17 11:28:06.060root 11241100x800000000000000080953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95e66d330f04afd32021-12-17 11:28:06.060root 11241100x800000000000000080954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46ebac6818edab592021-12-17 11:28:06.060root 11241100x800000000000000080955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dce9a1820755e822021-12-17 11:28:06.060root 11241100x800000000000000080956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e03ab7d61001f9f52021-12-17 11:28:06.061root 11241100x800000000000000080957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd07fbdc0bb9d5e22021-12-17 11:28:06.061root 11241100x800000000000000080958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c9e7ca2884a6b1f2021-12-17 11:28:06.061root 11241100x800000000000000080959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1ae2052b07d93102021-12-17 11:28:06.061root 11241100x800000000000000080960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ceb03cc1849d26242021-12-17 11:28:06.062root 11241100x800000000000000080961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c924822ba6df6c1f2021-12-17 11:28:06.062root 11241100x800000000000000080962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a5727ec200c60f32021-12-17 11:28:06.062root 11241100x800000000000000080963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3dc4e443bb9bb802021-12-17 11:28:06.063root 11241100x800000000000000080964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ebcc2b4d7dc40112021-12-17 11:28:06.063root 11241100x800000000000000080965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6af0cbd2d38020dc2021-12-17 11:28:06.063root 11241100x800000000000000080966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9e9006f45d3a1f62021-12-17 11:28:06.063root 11241100x800000000000000080967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31ecd590a455340f2021-12-17 11:28:06.063root 11241100x800000000000000080968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1921b64da1e36e6d2021-12-17 11:28:06.064root 11241100x800000000000000080969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a7aae16389f0ad82021-12-17 11:28:06.064root 11241100x800000000000000080970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.411159c4494e70ac2021-12-17 11:28:06.064root 11241100x800000000000000080971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05ca2f80c35ffb112021-12-17 11:28:06.064root 11241100x800000000000000080972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae97d51ba4301b9b2021-12-17 11:28:06.064root 11241100x800000000000000080973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.554e10cefe2039c42021-12-17 11:28:06.065root 11241100x800000000000000080974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a1178e070b397c82021-12-17 11:28:06.065root 11241100x800000000000000080975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7af88c1bc6de36822021-12-17 11:28:06.065root 11241100x800000000000000080976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e29f8346a5e578582021-12-17 11:28:06.065root 11241100x800000000000000080977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af0e0cf88af2c25a2021-12-17 11:28:06.065root 11241100x800000000000000080978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c7e5035221f811e2021-12-17 11:28:06.065root 11241100x800000000000000080979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5d8b1fb28aec9382021-12-17 11:28:06.065root 11241100x800000000000000080980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d8469c3aa5e9d4f2021-12-17 11:28:06.065root 11241100x800000000000000080981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0af1b94d1dd4782e2021-12-17 11:28:06.066root 11241100x800000000000000080982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bfb0cb5eaa1af3f2021-12-17 11:28:06.066root 11241100x800000000000000080983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fa84ad9977925482021-12-17 11:28:06.066root 11241100x800000000000000080984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afcb24f7766a208d2021-12-17 11:28:06.066root 11241100x800000000000000080985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68d4736a81dc3c3f2021-12-17 11:28:06.066root 11241100x800000000000000080986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cb438f17f8171bb2021-12-17 11:28:06.066root 11241100x800000000000000080987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55a7e0eeff1017be2021-12-17 11:28:06.066root 11241100x800000000000000080988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9cebfcdb63aacc02021-12-17 11:28:06.066root 11241100x800000000000000080989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae2613a4d145fb1b2021-12-17 11:28:06.067root 11241100x800000000000000080990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8153432d0cbe84d92021-12-17 11:28:06.067root 11241100x800000000000000080991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c757b8e2309991b32021-12-17 11:28:06.067root 11241100x800000000000000080992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5058e4b7379153402021-12-17 11:28:06.067root 11241100x800000000000000080993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aee03bc43b5e8ce02021-12-17 11:28:06.067root 11241100x800000000000000080994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca918b2a6f38e7722021-12-17 11:28:06.067root 11241100x800000000000000080995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.140efab5ba62fb632021-12-17 11:28:06.067root 11241100x800000000000000080996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35c60b7ce384a5f22021-12-17 11:28:06.067root 11241100x800000000000000080997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9462f18bdb3948822021-12-17 11:28:06.067root 11241100x800000000000000080998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.974e6fca3ec3b68c2021-12-17 11:28:06.068root 11241100x800000000000000080999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dbdcb7fd64860d62021-12-17 11:28:06.068root 11241100x800000000000000081000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de99f2765ae995c72021-12-17 11:28:06.068root 11241100x800000000000000081001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fc05e6982965a2b2021-12-17 11:28:06.068root 11241100x800000000000000081002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0daf9abd226900a72021-12-17 11:28:06.068root 11241100x800000000000000081003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.190b10a8d1eafe552021-12-17 11:28:06.068root 11241100x800000000000000081004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e9407e1d13e52ae2021-12-17 11:28:06.068root 11241100x800000000000000081005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adf78cbc3a87f8d82021-12-17 11:28:06.068root 11241100x800000000000000081006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0e28212008e06302021-12-17 11:28:06.069root 11241100x800000000000000081007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5805bd84ede58de2021-12-17 11:28:06.069root 11241100x800000000000000081008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78fcc79a66ef7bed2021-12-17 11:28:06.069root 11241100x800000000000000081009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45d8f924dbadf4f82021-12-17 11:28:06.069root 11241100x800000000000000081010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cadae0797c28f1932021-12-17 11:28:06.069root 11241100x800000000000000081011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e554a2077d279ec2021-12-17 11:28:06.069root 11241100x800000000000000081012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19e0de5202f4bd082021-12-17 11:28:06.069root 11241100x800000000000000081013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7348f84f151ed7cd2021-12-17 11:28:06.069root 11241100x800000000000000081014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe6c6e70419d71582021-12-17 11:28:06.070root 11241100x800000000000000081015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.623881356d1fd8be2021-12-17 11:28:06.070root 11241100x800000000000000081016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf8f5eb96b95275c2021-12-17 11:28:06.070root 11241100x800000000000000081017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37b1af0aa12722e62021-12-17 11:28:06.070root 11241100x800000000000000081018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72cb3508f7e718c12021-12-17 11:28:06.070root 11241100x800000000000000081019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd96b944b1ca7fb92021-12-17 11:28:06.558root 11241100x800000000000000081020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad06e11797c3f48a2021-12-17 11:28:06.558root 11241100x800000000000000081021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1127342abcff22832021-12-17 11:28:06.558root 11241100x800000000000000081022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.539eaee2c63e6a602021-12-17 11:28:06.558root 11241100x800000000000000081023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.470da42167a712012021-12-17 11:28:06.559root 11241100x800000000000000081024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d053503e37901f62021-12-17 11:28:06.559root 11241100x800000000000000081025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1476d4537b571d22021-12-17 11:28:06.559root 11241100x800000000000000081026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2181590fd25147032021-12-17 11:28:06.559root 11241100x800000000000000081027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d749a053ce03cc32021-12-17 11:28:06.559root 11241100x800000000000000081028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d6513b178f240682021-12-17 11:28:06.559root 11241100x800000000000000081029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.025ea65e981ef67e2021-12-17 11:28:06.559root 11241100x800000000000000081030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b9b082f7f196e232021-12-17 11:28:06.559root 11241100x800000000000000081031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70bfd67ce8d0f5772021-12-17 11:28:06.560root 11241100x800000000000000081032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a265ee21bb4ce4a2021-12-17 11:28:06.560root 11241100x800000000000000081033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da06c2004a2930902021-12-17 11:28:06.560root 11241100x800000000000000081034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86301ac8d493bc742021-12-17 11:28:06.560root 11241100x800000000000000081035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2839f4dbc7c779902021-12-17 11:28:06.560root 11241100x800000000000000081036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe665702d62fae4b2021-12-17 11:28:06.560root 11241100x800000000000000081037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15e1a7e8a7e0da012021-12-17 11:28:06.561root 11241100x800000000000000081038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b86513caba77f9632021-12-17 11:28:06.561root 11241100x800000000000000081039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.866a2e479bb5093f2021-12-17 11:28:06.561root 11241100x800000000000000081040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8876353dac2350312021-12-17 11:28:06.561root 11241100x800000000000000081041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e144bc13ef24db92021-12-17 11:28:06.561root 11241100x800000000000000081042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a3f2007673486e22021-12-17 11:28:06.561root 11241100x800000000000000081043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daa7fa1bebb6c5e52021-12-17 11:28:06.561root 11241100x800000000000000081044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2038396c84d5ea6f2021-12-17 11:28:06.561root 11241100x800000000000000081045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee24d54da992df7b2021-12-17 11:28:06.562root 11241100x800000000000000081046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8de598fbe86f4ae2021-12-17 11:28:06.562root 11241100x800000000000000081047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73387ebebc24f20f2021-12-17 11:28:06.562root 11241100x800000000000000081048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c25af7b0971864a62021-12-17 11:28:06.562root 11241100x800000000000000081049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c7dfeed77f94d072021-12-17 11:28:06.562root 11241100x800000000000000081050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fa56a73cfe49cc72021-12-17 11:28:06.562root 11241100x800000000000000081051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6175d4b120180c1b2021-12-17 11:28:06.562root 11241100x800000000000000081052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07f32439f841ffb42021-12-17 11:28:06.562root 11241100x800000000000000081053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8f435ab54aa00bd2021-12-17 11:28:06.563root 11241100x800000000000000081054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee3575c4daf274de2021-12-17 11:28:06.563root 11241100x800000000000000081055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.767e16ff5beaa45e2021-12-17 11:28:06.563root 11241100x800000000000000081056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e983323a1347bfc2021-12-17 11:28:06.563root 11241100x800000000000000081057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13e46d3f7bc40ba62021-12-17 11:28:06.563root 11241100x800000000000000081058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3a3e5ebdac691cd2021-12-17 11:28:06.563root 11241100x800000000000000081059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53577b0ddde6d36c2021-12-17 11:28:06.564root 11241100x800000000000000081060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3c580a0365dead72021-12-17 11:28:06.564root 11241100x800000000000000081061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a132eb0ab9eb92282021-12-17 11:28:06.564root 11241100x800000000000000081062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e4ebd2c11d9a91f2021-12-17 11:28:06.564root 11241100x800000000000000081063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21627fa3d4daa9ca2021-12-17 11:28:06.564root 11241100x800000000000000081064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bf5d67c60a128552021-12-17 11:28:06.564root 11241100x800000000000000081065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4638dd23c6f803842021-12-17 11:28:06.565root 11241100x800000000000000081066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68132d492a0aae802021-12-17 11:28:06.565root 11241100x800000000000000081067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae222486fbbf2d012021-12-17 11:28:06.565root 11241100x800000000000000081068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c31ff6cf55a125d52021-12-17 11:28:06.565root 11241100x800000000000000081069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d462243b2b08b952021-12-17 11:28:06.565root 11241100x800000000000000081070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e3a5463ade341362021-12-17 11:28:06.565root 11241100x800000000000000081071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25c39322c56a7c392021-12-17 11:28:06.565root 11241100x800000000000000081072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.514071b4ab78e3682021-12-17 11:28:06.566root 11241100x800000000000000081073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdf26c31091cf9362021-12-17 11:28:06.566root 11241100x800000000000000081074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5647a20fcbcbbe02021-12-17 11:28:06.566root 11241100x800000000000000081075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f90d302a761bbdc12021-12-17 11:28:06.566root 11241100x800000000000000081076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ec724c03024a8a52021-12-17 11:28:06.566root 11241100x800000000000000081077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37e1f9e3e0be49682021-12-17 11:28:06.566root 11241100x800000000000000081078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d3c5debd0d969dd2021-12-17 11:28:06.566root 11241100x800000000000000081079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20b868392ed772a42021-12-17 11:28:06.566root 11241100x800000000000000081080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7d4f4ab2854dd052021-12-17 11:28:06.566root 11241100x800000000000000081081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f32c6c2588ccbe5a2021-12-17 11:28:06.567root 11241100x800000000000000081082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef5f522cc1e80d4c2021-12-17 11:28:06.567root 11241100x800000000000000081083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fb8b4ad3b1a17f82021-12-17 11:28:06.567root 11241100x800000000000000081084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80be491d6b09ea812021-12-17 11:28:06.567root 11241100x800000000000000081085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0765f6821b3fb28f2021-12-17 11:28:06.567root 11241100x800000000000000081086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0231fa145720c6ac2021-12-17 11:28:06.567root 11241100x800000000000000081087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eae24c610281928e2021-12-17 11:28:06.567root 11241100x800000000000000081088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd8023207f201f4c2021-12-17 11:28:06.568root 11241100x800000000000000081089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae6d74b0eaa9d3802021-12-17 11:28:06.568root 11241100x800000000000000081090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79c5f26b0097ec532021-12-17 11:28:06.568root 11241100x800000000000000081091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7780d3abb2e58c882021-12-17 11:28:06.568root 11241100x800000000000000081092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0a1e6106864cc6b2021-12-17 11:28:06.568root 11241100x800000000000000081093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76baa351f0f1f8df2021-12-17 11:28:06.568root 11241100x800000000000000081094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21bb1fe117d023662021-12-17 11:28:06.569root 11241100x800000000000000081095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c1f49c326a47e842021-12-17 11:28:06.569root 11241100x800000000000000081096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af384585c84318ac2021-12-17 11:28:06.569root 11241100x800000000000000081097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c15c44759cf7ae132021-12-17 11:28:06.570root 11241100x800000000000000081098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77797cb5fe8e7bc62021-12-17 11:28:06.570root 11241100x800000000000000081099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90333781bd3c81352021-12-17 11:28:06.570root 11241100x800000000000000081100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bc161f5cacc809e2021-12-17 11:28:06.570root 11241100x800000000000000081101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9aec70013ce7bc32021-12-17 11:28:06.570root 11241100x800000000000000081102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae1196b6bfd6297e2021-12-17 11:28:06.570root 11241100x800000000000000081103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89ee9b05a4482eef2021-12-17 11:28:06.570root 11241100x800000000000000081104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e9a993171b06d1c2021-12-17 11:28:06.570root 11241100x800000000000000081105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4ec020bda4cf6c72021-12-17 11:28:06.571root 11241100x800000000000000081106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cb07ae29913994e2021-12-17 11:28:06.571root 11241100x800000000000000081107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f5b6d6228a762bc2021-12-17 11:28:06.571root 11241100x800000000000000081108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c76cd0037a086912021-12-17 11:28:06.571root 11241100x800000000000000081109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.649069078f9558af2021-12-17 11:28:06.571root 11241100x800000000000000081110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d01d1a785ae5a4f2021-12-17 11:28:06.571root 11241100x800000000000000081111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36f07b42a7a3836f2021-12-17 11:28:06.571root 11241100x800000000000000081112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a54188bfcbad2cf32021-12-17 11:28:06.571root 11241100x800000000000000081113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbb834a792b953ab2021-12-17 11:28:06.571root 11241100x800000000000000081114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85029c153dc353cc2021-12-17 11:28:06.571root 11241100x800000000000000081115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49dc03c9c83fb5192021-12-17 11:28:06.571root 11241100x800000000000000081116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:06.572{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5fdb251bd4ee3a02021-12-17 11:28:06.572root 11241100x800000000000000081117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21560cffbb7fc9f42021-12-17 11:28:07.058root 11241100x800000000000000081118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2644e0d2eadb2eb2021-12-17 11:28:07.058root 11241100x800000000000000081119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72c3eb008f7786632021-12-17 11:28:07.059root 11241100x800000000000000081120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca1a3b0cc1c239042021-12-17 11:28:07.059root 11241100x800000000000000081121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34b60cb0353eec9f2021-12-17 11:28:07.059root 11241100x800000000000000081122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.766da0214f3d13612021-12-17 11:28:07.059root 11241100x800000000000000081123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.410ae053b558677a2021-12-17 11:28:07.059root 11241100x800000000000000081124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5ad4ee002d1e9892021-12-17 11:28:07.059root 11241100x800000000000000081125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f75489839751012b2021-12-17 11:28:07.059root 11241100x800000000000000081126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbb79faff839d4b32021-12-17 11:28:07.059root 11241100x800000000000000081127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af6e160e29a9079b2021-12-17 11:28:07.059root 11241100x800000000000000081128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3368b59daaa81972021-12-17 11:28:07.059root 11241100x800000000000000081129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.000c32834dafa9b72021-12-17 11:28:07.060root 11241100x800000000000000081130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2df6db2ffb470d82021-12-17 11:28:07.060root 11241100x800000000000000081131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c218d506beaacca2021-12-17 11:28:07.060root 11241100x800000000000000081132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b959de4d9a0d67e2021-12-17 11:28:07.060root 11241100x800000000000000081133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56d607d75dd999de2021-12-17 11:28:07.060root 11241100x800000000000000081134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a690ae8b794b5262021-12-17 11:28:07.060root 11241100x800000000000000081135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba05c0f843bce6222021-12-17 11:28:07.060root 11241100x800000000000000081136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f93040aecbef7c12021-12-17 11:28:07.060root 11241100x800000000000000081137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4f65a366ac20f492021-12-17 11:28:07.060root 11241100x800000000000000081138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c97ae6a42a3fa132021-12-17 11:28:07.060root 11241100x800000000000000081139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4777ad813d8374f92021-12-17 11:28:07.060root 11241100x800000000000000081140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcbe9c5bf4ff5f6d2021-12-17 11:28:07.060root 11241100x800000000000000081141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.240c5039dfa4d21c2021-12-17 11:28:07.060root 11241100x800000000000000081142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cffca038f7e3e542021-12-17 11:28:07.060root 11241100x800000000000000081143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a934623127785362021-12-17 11:28:07.060root 11241100x800000000000000081144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3511f1c6af6500f92021-12-17 11:28:07.060root 11241100x800000000000000081145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b0a9623498a07792021-12-17 11:28:07.061root 11241100x800000000000000081146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee30083a392101062021-12-17 11:28:07.061root 11241100x800000000000000081147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5b3d5451551ba092021-12-17 11:28:07.061root 11241100x800000000000000081148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51494b45069fb6fc2021-12-17 11:28:07.061root 11241100x800000000000000081149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be500ce860c894152021-12-17 11:28:07.061root 11241100x800000000000000081150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.359bdb60da12d46a2021-12-17 11:28:07.061root 11241100x800000000000000081151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71a9a6439b8597702021-12-17 11:28:07.061root 11241100x800000000000000081152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78c976cf459808bf2021-12-17 11:28:07.061root 11241100x800000000000000081153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc51b89a353c30042021-12-17 11:28:07.061root 11241100x800000000000000081154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db7199ad6978cf622021-12-17 11:28:07.061root 11241100x800000000000000081155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e68cfd34cec085a2021-12-17 11:28:07.061root 11241100x800000000000000081156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3ebf1a7a7f373782021-12-17 11:28:07.061root 11241100x800000000000000081157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dcc341b29d48c412021-12-17 11:28:07.061root 11241100x800000000000000081158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3d263e028968cc52021-12-17 11:28:07.061root 11241100x800000000000000081159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e62c49917d6a0c5f2021-12-17 11:28:07.061root 11241100x800000000000000081160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd0e485d25b6033a2021-12-17 11:28:07.061root 11241100x800000000000000081161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.264932892638818d2021-12-17 11:28:07.062root 11241100x800000000000000081162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01217c5e9eb949ab2021-12-17 11:28:07.062root 11241100x800000000000000081163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb25991e75e329352021-12-17 11:28:07.062root 11241100x800000000000000081164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.109742e62b3f15552021-12-17 11:28:07.062root 11241100x800000000000000081165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3db4d1abeb3017542021-12-17 11:28:07.062root 11241100x800000000000000081166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ef8eb8b4c50e0232021-12-17 11:28:07.062root 11241100x800000000000000081167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54a521277f96bc822021-12-17 11:28:07.062root 11241100x800000000000000081168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dfd4050fc61e9eb2021-12-17 11:28:07.062root 11241100x800000000000000081169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e775ade117656f22021-12-17 11:28:07.062root 11241100x800000000000000081170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d264bf03ddbb6ced2021-12-17 11:28:07.556root 11241100x800000000000000081171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9443dab00b1b6e492021-12-17 11:28:07.557root 11241100x800000000000000081172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0826eb2544a32a8b2021-12-17 11:28:07.557root 11241100x800000000000000081173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efcf63d783895b852021-12-17 11:28:07.557root 11241100x800000000000000081174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d81a3b738725ebe2021-12-17 11:28:07.558root 11241100x800000000000000081175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c77aa9d9af9b7bd32021-12-17 11:28:07.558root 11241100x800000000000000081176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b54e69821a4d1fa02021-12-17 11:28:07.558root 11241100x800000000000000081177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b06594b792c47bbc2021-12-17 11:28:07.559root 11241100x800000000000000081178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.843f70753cbc04a82021-12-17 11:28:07.559root 11241100x800000000000000081179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.409fd23ef5f4a92d2021-12-17 11:28:07.559root 11241100x800000000000000081180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b0ee4a74fe6c6512021-12-17 11:28:07.559root 11241100x800000000000000081181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d95ea30742639862021-12-17 11:28:07.560root 11241100x800000000000000081182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e897e01c0be2db7c2021-12-17 11:28:07.560root 11241100x800000000000000081183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3f86630b72bdae42021-12-17 11:28:07.560root 11241100x800000000000000081184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46e8dd4072120da32021-12-17 11:28:07.560root 11241100x800000000000000081185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbd8d222c9ea3a0e2021-12-17 11:28:07.561root 11241100x800000000000000081186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26088946964c4f802021-12-17 11:28:07.561root 11241100x800000000000000081187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e31bf15da9934f42021-12-17 11:28:07.561root 11241100x800000000000000081188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfc98c0c39cdc1062021-12-17 11:28:07.562root 11241100x800000000000000081189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe5410de336a95ce2021-12-17 11:28:07.562root 11241100x800000000000000081190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4745d14ce1d08f12021-12-17 11:28:07.562root 11241100x800000000000000081191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cda878aea3f93592021-12-17 11:28:07.562root 11241100x800000000000000081192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3af327137d8e7d92021-12-17 11:28:07.563root 11241100x800000000000000081193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef3cca2a033df62f2021-12-17 11:28:07.563root 11241100x800000000000000081194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31fa4c95813dbd962021-12-17 11:28:07.563root 11241100x800000000000000081195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b65d5f304d8b9db2021-12-17 11:28:07.564root 11241100x800000000000000081196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f06ccdcd586dba182021-12-17 11:28:07.564root 11241100x800000000000000081197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04653f5c0180d5432021-12-17 11:28:07.564root 11241100x800000000000000081198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa3980cb8ef5ae502021-12-17 11:28:07.564root 11241100x800000000000000081199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce55019f0dd44cf42021-12-17 11:28:07.564root 11241100x800000000000000081200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2af8e1f890f146ab2021-12-17 11:28:07.565root 11241100x800000000000000081201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1597d55cb3d548d2021-12-17 11:28:07.565root 11241100x800000000000000081202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d9f00db2a1404cb2021-12-17 11:28:07.565root 11241100x800000000000000081203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24d5c6b20f0351f62021-12-17 11:28:07.565root 11241100x800000000000000081204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e828cf686a703e622021-12-17 11:28:07.566root 11241100x800000000000000081205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9bb2a90744533072021-12-17 11:28:07.566root 11241100x800000000000000081206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eba1a862717b8c1d2021-12-17 11:28:07.566root 11241100x800000000000000081207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98ade5ebdaf10d012021-12-17 11:28:07.566root 11241100x800000000000000081208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.610f8061093199732021-12-17 11:28:07.567root 11241100x800000000000000081209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4a6fb1fa46e72ad2021-12-17 11:28:07.567root 11241100x800000000000000081210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0d108c7039faa3f2021-12-17 11:28:07.567root 11241100x800000000000000081211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff190fc23d3a239c2021-12-17 11:28:07.567root 11241100x800000000000000081212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4f013b700f7e9d62021-12-17 11:28:07.567root 11241100x800000000000000081213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf396f02ac18c53f2021-12-17 11:28:07.568root 11241100x800000000000000081214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a0e2d5a2aa760012021-12-17 11:28:07.568root 11241100x800000000000000081215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bede59cf7d0f8822021-12-17 11:28:07.568root 11241100x800000000000000081216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d0ae965cd0273d92021-12-17 11:28:07.568root 11241100x800000000000000081217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48988e510663d2102021-12-17 11:28:07.568root 11241100x800000000000000081218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ea3f76d1b73859b2021-12-17 11:28:07.569root 11241100x800000000000000081219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99ac8617a25516b02021-12-17 11:28:07.569root 11241100x800000000000000081220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58c29524823989d22021-12-17 11:28:07.569root 11241100x800000000000000081221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.052017572e3e82bd2021-12-17 11:28:07.569root 11241100x800000000000000081222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9d79e5c97a42e7e2021-12-17 11:28:07.569root 11241100x800000000000000081223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.915632b712ea009d2021-12-17 11:28:07.570root 11241100x800000000000000081224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a647f1c458eb914d2021-12-17 11:28:07.570root 11241100x800000000000000081225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1557a579d83d736c2021-12-17 11:28:07.570root 11241100x800000000000000081226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8268d0b1a7547c002021-12-17 11:28:07.570root 11241100x800000000000000081227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89d352dfdadae68b2021-12-17 11:28:07.571root 11241100x800000000000000081228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0d49fdbe7de6ae72021-12-17 11:28:07.571root 11241100x800000000000000081229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c37648899b773d032021-12-17 11:28:07.571root 11241100x800000000000000081230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89c00d776cb576d72021-12-17 11:28:07.571root 11241100x800000000000000081231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f33e86b3431a3b692021-12-17 11:28:07.571root 11241100x800000000000000081232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.571{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01c42e3d70f28fb02021-12-17 11:28:07.571root 11241100x800000000000000081233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.572{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3293b711419d4bdb2021-12-17 11:28:07.572root 11241100x800000000000000081234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.572{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b0f0a8bbbc40b002021-12-17 11:28:07.572root 11241100x800000000000000081235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.572{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d415360402dc5292021-12-17 11:28:07.572root 11241100x800000000000000081236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.572{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f07603da15b8d0732021-12-17 11:28:07.572root 11241100x800000000000000081237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.573{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7f2734c792968fe2021-12-17 11:28:07.573root 11241100x800000000000000081238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.573{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da1c4db7992ef3ef2021-12-17 11:28:07.573root 11241100x800000000000000081239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.573{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b67c0fb950d1eef2021-12-17 11:28:07.573root 11241100x800000000000000081240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.573{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70ac40095aa2fe8f2021-12-17 11:28:07.573root 11241100x800000000000000081241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.573{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1504efeaebef9f02021-12-17 11:28:07.573root 11241100x800000000000000081242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.573{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e376fc249220db4b2021-12-17 11:28:07.573root 11241100x800000000000000081243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.574{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b6d89d733865e182021-12-17 11:28:07.574root 11241100x800000000000000081244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.574{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d194cad84ffbf9622021-12-17 11:28:07.574root 11241100x800000000000000081245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.574{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cdc1aa2af9475022021-12-17 11:28:07.574root 11241100x800000000000000081246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.574{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43709e1f6f3edd892021-12-17 11:28:07.574root 11241100x800000000000000081247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.574{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68943cb3e81d5f6e2021-12-17 11:28:07.574root 11241100x800000000000000081248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.574{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec88ce85e6b960402021-12-17 11:28:07.574root 11241100x800000000000000081249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.575{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbb8d4f3f3619eac2021-12-17 11:28:07.575root 11241100x800000000000000081250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.575{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0163dda84537f49d2021-12-17 11:28:07.575root 11241100x800000000000000081251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.575{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d0b73a71e18b8bd2021-12-17 11:28:07.575root 11241100x800000000000000081252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.575{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d62fa521ca4f74a2021-12-17 11:28:07.575root 11241100x800000000000000081253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.575{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7b0c367e9cfdc432021-12-17 11:28:07.575root 11241100x800000000000000081254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.575{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0106c46184c1e1212021-12-17 11:28:07.575root 11241100x800000000000000081255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.575{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e6e4cc70a43ad1d2021-12-17 11:28:07.575root 11241100x800000000000000081256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.575{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0aabf2ed19ba7a592021-12-17 11:28:07.575root 11241100x800000000000000081257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.575{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25200815c661a3062021-12-17 11:28:07.575root 11241100x800000000000000081258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.575{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be82028545ef734c2021-12-17 11:28:07.575root 11241100x800000000000000081259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.575{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcd297df5b6154ba2021-12-17 11:28:07.575root 11241100x800000000000000081260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.575{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b4ca3fc76cd54792021-12-17 11:28:07.575root 11241100x800000000000000081261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abb928ad13e8d6a72021-12-17 11:28:07.576root 11241100x800000000000000081262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c502b635a491f7732021-12-17 11:28:07.576root 11241100x800000000000000081263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ce5ae41fa77effb2021-12-17 11:28:07.576root 11241100x800000000000000081264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.360e7cb2d72c5c4a2021-12-17 11:28:07.576root 11241100x800000000000000081265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9214fc3a08cb86b2021-12-17 11:28:07.576root 11241100x800000000000000081266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94622324ba34da412021-12-17 11:28:07.576root 11241100x800000000000000081267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bcc3077cdaae3512021-12-17 11:28:07.576root 11241100x800000000000000081268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f33e3a55b139e9f2021-12-17 11:28:07.576root 11241100x800000000000000081269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a82579571917f0d2021-12-17 11:28:07.576root 11241100x800000000000000081270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fde9636ee80da87b2021-12-17 11:28:07.576root 11241100x800000000000000081271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bec77733844768c2021-12-17 11:28:07.576root 11241100x800000000000000081272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56e8e3d14fb577f02021-12-17 11:28:07.576root 11241100x800000000000000081273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b61d5c8381dc1db02021-12-17 11:28:07.576root 11241100x800000000000000081274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85a0862fdf3324cc2021-12-17 11:28:07.576root 11241100x800000000000000081275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d16d72fb72d04b62021-12-17 11:28:07.576root 11241100x800000000000000081276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.576{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce1874bbb65b5f2a2021-12-17 11:28:07.576root 11241100x800000000000000081277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75fffd36c51c11512021-12-17 11:28:07.577root 11241100x800000000000000081278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b24d5746e54b0ec2021-12-17 11:28:07.577root 11241100x800000000000000081279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43eef2ed7d1421dd2021-12-17 11:28:07.577root 11241100x800000000000000081280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5a8d024cb04e9922021-12-17 11:28:07.577root 11241100x800000000000000081281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c247c181917052f52021-12-17 11:28:07.577root 11241100x800000000000000081282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b0ef84ebb1ea5012021-12-17 11:28:07.577root 11241100x800000000000000081283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8e9000d4b49158e2021-12-17 11:28:07.577root 11241100x800000000000000081284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61636634a188f2672021-12-17 11:28:07.577root 11241100x800000000000000081285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a68192f01cf800f2021-12-17 11:28:07.577root 11241100x800000000000000081286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2e436be242dbd8e2021-12-17 11:28:07.577root 11241100x800000000000000081287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9ac4541e237762d2021-12-17 11:28:07.577root 11241100x800000000000000081288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb4cb644091347f72021-12-17 11:28:07.577root 11241100x800000000000000081289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7b27725f5659ca62021-12-17 11:28:07.577root 11241100x800000000000000081290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18a255c43f18de882021-12-17 11:28:07.577root 11241100x800000000000000081291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c07cb145fa65141c2021-12-17 11:28:07.577root 11241100x800000000000000081292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.577{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfb796a9bb3891242021-12-17 11:28:07.577root 11241100x800000000000000081293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.578{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bf9da5070d6490f2021-12-17 11:28:07.578root 11241100x800000000000000081294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.578{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37523e082d7322ba2021-12-17 11:28:07.578root 11241100x800000000000000081295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.578{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.112c71e1953f3c502021-12-17 11:28:07.578root 11241100x800000000000000081296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:07.578{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.060f5e9c476e16e52021-12-17 11:28:07.578root 11241100x800000000000000081297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa94e293945f37542021-12-17 11:28:08.057root 11241100x800000000000000081298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37cd24e2135f66f02021-12-17 11:28:08.058root 11241100x800000000000000081299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30930ee9f9dffa2a2021-12-17 11:28:08.058root 11241100x800000000000000081300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0437164e49393a2e2021-12-17 11:28:08.058root 11241100x800000000000000081301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81a6894a8c99dc0f2021-12-17 11:28:08.058root 11241100x800000000000000081302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1db6fec450e7c0f2021-12-17 11:28:08.058root 11241100x800000000000000081303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4ac36996f5c09bd2021-12-17 11:28:08.059root 11241100x800000000000000081304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1657eec5dac5ece22021-12-17 11:28:08.059root 11241100x800000000000000081305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7599dbe2eec3b9c2021-12-17 11:28:08.059root 11241100x800000000000000081306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6c86a1fc7f490712021-12-17 11:28:08.059root 11241100x800000000000000081307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dedae559ca285d4a2021-12-17 11:28:08.060root 11241100x800000000000000081308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b93978822c77bd12021-12-17 11:28:08.060root 11241100x800000000000000081309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bb6418a66cd9e442021-12-17 11:28:08.060root 11241100x800000000000000081310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13fa49952096f8df2021-12-17 11:28:08.060root 11241100x800000000000000081311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8853541c52883afc2021-12-17 11:28:08.060root 11241100x800000000000000081312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fefb2004e4dc99a2021-12-17 11:28:08.061root 11241100x800000000000000081313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc0e7428e346c6ed2021-12-17 11:28:08.061root 11241100x800000000000000081314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40af85e340498de32021-12-17 11:28:08.061root 11241100x800000000000000081315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d4fa7e675f5a0092021-12-17 11:28:08.061root 11241100x800000000000000081316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee71a82a88b4aa4e2021-12-17 11:28:08.062root 11241100x800000000000000081317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a6364b1355e7a0d2021-12-17 11:28:08.062root 11241100x800000000000000081318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e4125c46ae8a1e32021-12-17 11:28:08.062root 11241100x800000000000000081319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29111686b16a5ff12021-12-17 11:28:08.062root 11241100x800000000000000081320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b2a01135f7c66f82021-12-17 11:28:08.062root 11241100x800000000000000081321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c958a0d4f7a13ea2021-12-17 11:28:08.063root 11241100x800000000000000081322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.080c2146f46a53d32021-12-17 11:28:08.063root 11241100x800000000000000081323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b5a3854ee34334c2021-12-17 11:28:08.063root 11241100x800000000000000081324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aadfd0bdb858a1ee2021-12-17 11:28:08.063root 11241100x800000000000000081325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.770997546d4502672021-12-17 11:28:08.064root 11241100x800000000000000081326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f142ab7e22b20ea2021-12-17 11:28:08.064root 11241100x800000000000000081327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e4192414a8c9e462021-12-17 11:28:08.064root 11241100x800000000000000081328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb827c4de54ec8802021-12-17 11:28:08.064root 11241100x800000000000000081329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f831fdda0d836e3e2021-12-17 11:28:08.064root 11241100x800000000000000081330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05b69c25a95062692021-12-17 11:28:08.066root 11241100x800000000000000081331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1de7360f6fbe43002021-12-17 11:28:08.066root 11241100x800000000000000081332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10606f6090bfc0e42021-12-17 11:28:08.066root 11241100x800000000000000081333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.492c264b8f08e33f2021-12-17 11:28:08.066root 11241100x800000000000000081334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76134e14864eb0d72021-12-17 11:28:08.066root 11241100x800000000000000081335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1489f943cd116edb2021-12-17 11:28:08.067root 11241100x800000000000000081336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbf40e1fbc8990062021-12-17 11:28:08.067root 11241100x800000000000000081337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ad8dfae589ea0502021-12-17 11:28:08.067root 11241100x800000000000000081338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f266bf695c620402021-12-17 11:28:08.067root 11241100x800000000000000081339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a9ba34ca63c5a262021-12-17 11:28:08.067root 11241100x800000000000000081340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.509f37684be60af52021-12-17 11:28:08.067root 11241100x800000000000000081341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6af05df35d468e1f2021-12-17 11:28:08.067root 11241100x800000000000000081342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b88fd02becf56c1a2021-12-17 11:28:08.067root 11241100x800000000000000081343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaa4dcd8928444132021-12-17 11:28:08.067root 11241100x800000000000000081344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a1a2a7fa03ac8242021-12-17 11:28:08.067root 11241100x800000000000000081345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1757283fb50804fd2021-12-17 11:28:08.067root 11241100x800000000000000081346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16ddafaae7e640382021-12-17 11:28:08.067root 11241100x800000000000000081347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1e88a1200ad608f2021-12-17 11:28:08.067root 11241100x800000000000000081348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f575fda6b7e8b9fb2021-12-17 11:28:08.067root 11241100x800000000000000081349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb8af6cb03e7564a2021-12-17 11:28:08.067root 11241100x800000000000000081350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6146ec78c08395fa2021-12-17 11:28:08.067root 11241100x800000000000000081351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc6f54d9ab87a6412021-12-17 11:28:08.068root 11241100x800000000000000081352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0945c91604558b82021-12-17 11:28:08.068root 11241100x800000000000000081353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dc5abbc6c55e4552021-12-17 11:28:08.068root 11241100x800000000000000081354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dde012f9446a5542021-12-17 11:28:08.068root 11241100x800000000000000081355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f336ffdd679e4632021-12-17 11:28:08.068root 11241100x800000000000000081356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7eed8131debe16442021-12-17 11:28:08.068root 11241100x800000000000000081357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb75f91d9635d9362021-12-17 11:28:08.068root 11241100x800000000000000081358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32d7abd157b900a12021-12-17 11:28:08.068root 11241100x800000000000000081359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9fe8703f2c3b2342021-12-17 11:28:08.068root 11241100x800000000000000081360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4daa54111e2558b92021-12-17 11:28:08.069root 11241100x800000000000000081361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b694494293384c3f2021-12-17 11:28:08.069root 11241100x800000000000000081362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ae6ea36b716b9942021-12-17 11:28:08.069root 11241100x800000000000000081363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.783a0012678f1b122021-12-17 11:28:08.069root 11241100x800000000000000081364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdf77ed16e69bc972021-12-17 11:28:08.069root 11241100x800000000000000081365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0e0b766d9b898562021-12-17 11:28:08.069root 11241100x800000000000000081366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56d3b2abc8f3b4c42021-12-17 11:28:08.069root 11241100x800000000000000081367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d33c61afd03ff9202021-12-17 11:28:08.069root 11241100x800000000000000081368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.178ba5716b7531722021-12-17 11:28:08.069root 11241100x800000000000000081369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c82deff2de0800a2021-12-17 11:28:08.069root 11241100x800000000000000081370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eba44e5dd86b63f02021-12-17 11:28:08.070root 11241100x800000000000000081371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86a14cda4f7787332021-12-17 11:28:08.070root 11241100x800000000000000081372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0b26e6e4230fcbb2021-12-17 11:28:08.070root 11241100x800000000000000081373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9efacbf8e8f235812021-12-17 11:28:08.070root 11241100x800000000000000081374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c0d2a253b7746552021-12-17 11:28:08.070root 11241100x800000000000000081375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.051496d618325bbe2021-12-17 11:28:08.556root 11241100x800000000000000081376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8f899fe8530ad352021-12-17 11:28:08.556root 11241100x800000000000000081377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51c680e421563a242021-12-17 11:28:08.556root 11241100x800000000000000081378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd2375024a7c31ea2021-12-17 11:28:08.556root 11241100x800000000000000081379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9caf2dc185bb7a062021-12-17 11:28:08.557root 11241100x800000000000000081380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.356f3a2716101ff52021-12-17 11:28:08.557root 11241100x800000000000000081381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08886596ab5841962021-12-17 11:28:08.557root 11241100x800000000000000081382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02081b1ddf1fcc642021-12-17 11:28:08.557root 11241100x800000000000000081383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe43279d6555bb012021-12-17 11:28:08.557root 11241100x800000000000000081384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21248bb259fecce42021-12-17 11:28:08.557root 11241100x800000000000000081385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e65d0d63f04eb2a2021-12-17 11:28:08.557root 11241100x800000000000000081386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbe8cd2e2532483c2021-12-17 11:28:08.557root 11241100x800000000000000081387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6a8421a290709752021-12-17 11:28:08.558root 11241100x800000000000000081388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.294f5b9db105ff5d2021-12-17 11:28:08.558root 11241100x800000000000000081389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b25cfc9b1cd6faaf2021-12-17 11:28:08.558root 11241100x800000000000000081390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d81bc6c6f6a056d92021-12-17 11:28:08.558root 11241100x800000000000000081391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4600dbcd1e6593b2021-12-17 11:28:08.559root 11241100x800000000000000081392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1af4c35cecce014c2021-12-17 11:28:08.559root 11241100x800000000000000081393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7416fb658563de942021-12-17 11:28:08.559root 11241100x800000000000000081394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94938b93fbeb350f2021-12-17 11:28:08.559root 11241100x800000000000000081395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32ec8fce89d8a1c72021-12-17 11:28:08.559root 11241100x800000000000000081396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.412472afaa27d0c52021-12-17 11:28:08.559root 11241100x800000000000000081397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.847054ccfbff63c42021-12-17 11:28:08.559root 11241100x800000000000000081398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0f9e6d5cb59fc1b2021-12-17 11:28:08.559root 11241100x800000000000000081399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cac766a0d2b2c47c2021-12-17 11:28:08.559root 11241100x800000000000000081400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b6d0f749483ddea2021-12-17 11:28:08.560root 11241100x800000000000000081401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b6201e73808bd812021-12-17 11:28:08.560root 11241100x800000000000000081402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06473f4d5812c8a32021-12-17 11:28:08.560root 11241100x800000000000000081403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b060674c81a259fa2021-12-17 11:28:08.560root 11241100x800000000000000081404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3bdded7d96c16be2021-12-17 11:28:08.560root 11241100x800000000000000081405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.245b4643180cca832021-12-17 11:28:08.560root 11241100x800000000000000081406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04a913ad6bb149bf2021-12-17 11:28:08.560root 11241100x800000000000000081407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d3a09af11e0afac2021-12-17 11:28:08.560root 11241100x800000000000000081408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f87afd663c7e9e92021-12-17 11:28:08.560root 11241100x800000000000000081409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c6143912af645db2021-12-17 11:28:08.561root 11241100x800000000000000081410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9da0bd707e4db35f2021-12-17 11:28:08.561root 11241100x800000000000000081411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3907e6dc14bffd412021-12-17 11:28:08.561root 11241100x800000000000000081412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2da3397736ae19b2021-12-17 11:28:08.561root 11241100x800000000000000081413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe3604d1f8ece41f2021-12-17 11:28:08.561root 11241100x800000000000000081414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.317d57eaf9eb030e2021-12-17 11:28:08.561root 11241100x800000000000000081415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99cc9f0ca1ada58a2021-12-17 11:28:08.561root 11241100x800000000000000081416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb6909813f33a5882021-12-17 11:28:08.561root 11241100x800000000000000081417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71c392a5507d8c862021-12-17 11:28:08.561root 11241100x800000000000000081418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8b018aad9e08c672021-12-17 11:28:08.562root 11241100x800000000000000081419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d425cc4f07cc92e42021-12-17 11:28:08.562root 11241100x800000000000000081420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8988fddddec719df2021-12-17 11:28:08.562root 11241100x800000000000000081421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84409ef4303143702021-12-17 11:28:08.562root 11241100x800000000000000081422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8705d624723808452021-12-17 11:28:08.563root 11241100x800000000000000081423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa730b77f54a3c742021-12-17 11:28:08.563root 11241100x800000000000000081424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a13b5bb06a6b525e2021-12-17 11:28:08.563root 11241100x800000000000000081425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfbbf1b55d3cfc562021-12-17 11:28:08.563root 11241100x800000000000000081426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.702a062cb58e41c22021-12-17 11:28:08.563root 11241100x800000000000000081427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e7651dca96367e12021-12-17 11:28:08.563root 11241100x800000000000000081428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.086925cebd1804482021-12-17 11:28:08.563root 11241100x800000000000000081429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d31fb4572a623c592021-12-17 11:28:08.563root 11241100x800000000000000081430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f16bb8784c655272021-12-17 11:28:08.563root 11241100x800000000000000081431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cb0e0973cca48982021-12-17 11:28:08.564root 11241100x800000000000000081432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed874f18c062b12d2021-12-17 11:28:08.564root 11241100x800000000000000081433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5306637060fddf8c2021-12-17 11:28:08.564root 11241100x800000000000000081434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d504d68dc63ea7dd2021-12-17 11:28:08.564root 11241100x800000000000000081435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c787550224cb9cde2021-12-17 11:28:08.564root 11241100x800000000000000081436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc94d018001a83bb2021-12-17 11:28:08.564root 11241100x800000000000000081437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.629b22367b36658f2021-12-17 11:28:08.564root 11241100x800000000000000081438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9467f8187a4dc9b2021-12-17 11:28:08.565root 11241100x800000000000000081439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe603d7761e3b5a02021-12-17 11:28:08.565root 11241100x800000000000000081440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46d8636dfdbfb2622021-12-17 11:28:08.565root 11241100x800000000000000081441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ff6eaa24566bd4c2021-12-17 11:28:08.565root 11241100x800000000000000081442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf38bcf6c440f7f12021-12-17 11:28:08.565root 11241100x800000000000000081443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e19caa10cb8a12112021-12-17 11:28:08.565root 11241100x800000000000000081444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67bf4edadf0f90732021-12-17 11:28:08.565root 11241100x800000000000000081445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:08.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80ce457313b0cc762021-12-17 11:28:08.565root 11241100x800000000000000081446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2112d96ed94018292021-12-17 11:28:09.057root 11241100x800000000000000081447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2b7c8c292c03c9f2021-12-17 11:28:09.057root 11241100x800000000000000081448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f7597c286a2b94d2021-12-17 11:28:09.057root 11241100x800000000000000081449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5724b7e8263c42f2021-12-17 11:28:09.057root 11241100x800000000000000081450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9359d8b814c92de82021-12-17 11:28:09.057root 11241100x800000000000000081451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01d6027a37c069542021-12-17 11:28:09.057root 11241100x800000000000000081452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c04e24ed6d2d7c32021-12-17 11:28:09.057root 11241100x800000000000000081453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8005e5176f741742021-12-17 11:28:09.057root 11241100x800000000000000081454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2269be4069b41a742021-12-17 11:28:09.058root 11241100x800000000000000081455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.460718612d27f9232021-12-17 11:28:09.058root 11241100x800000000000000081456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38c33663701ffad32021-12-17 11:28:09.058root 11241100x800000000000000081457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b0d14c1b53abf2b2021-12-17 11:28:09.058root 11241100x800000000000000081458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a08b0bedd78dfcb2021-12-17 11:28:09.058root 11241100x800000000000000081459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f2480e0f4587e252021-12-17 11:28:09.058root 11241100x800000000000000081460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c162cb19dd555c522021-12-17 11:28:09.058root 11241100x800000000000000081461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e578d393bce555152021-12-17 11:28:09.058root 11241100x800000000000000081462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba26342ebd0d668d2021-12-17 11:28:09.058root 11241100x800000000000000081463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adbf67e9b8a29e3d2021-12-17 11:28:09.058root 11241100x800000000000000081464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f25d1e2831e0b52d2021-12-17 11:28:09.058root 11241100x800000000000000081465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdf56c94fd0865312021-12-17 11:28:09.058root 11241100x800000000000000081466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ca420cd314ad9ed2021-12-17 11:28:09.058root 11241100x800000000000000081467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebf02bf9afb34fe62021-12-17 11:28:09.059root 11241100x800000000000000081468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d85fe1418a7c82c2021-12-17 11:28:09.059root 11241100x800000000000000081469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf2b60b75dc2ab932021-12-17 11:28:09.059root 11241100x800000000000000081470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42cc90eea74613952021-12-17 11:28:09.059root 11241100x800000000000000081471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41e62619679a85ab2021-12-17 11:28:09.059root 11241100x800000000000000081472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47c169cbaeea71802021-12-17 11:28:09.059root 11241100x800000000000000081473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.455a985e150e4efb2021-12-17 11:28:09.059root 11241100x800000000000000081474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5760d79613e8e3de2021-12-17 11:28:09.059root 11241100x800000000000000081475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08f967e30b50a7002021-12-17 11:28:09.059root 11241100x800000000000000081476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2044fa010863738c2021-12-17 11:28:09.059root 11241100x800000000000000081477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b865a99802686db32021-12-17 11:28:09.059root 11241100x800000000000000081478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d340974b36e01b62021-12-17 11:28:09.059root 11241100x800000000000000081479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0eff91b39db56f22021-12-17 11:28:09.059root 11241100x800000000000000081480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d17715209f1f3d1a2021-12-17 11:28:09.060root 11241100x800000000000000081481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40558105c8afb7032021-12-17 11:28:09.060root 11241100x800000000000000081482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b433847343b502e2021-12-17 11:28:09.060root 11241100x800000000000000081483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eeac474e830135cb2021-12-17 11:28:09.060root 11241100x800000000000000081484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b44493c9cadae512021-12-17 11:28:09.060root 11241100x800000000000000081485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14a9e710a325472d2021-12-17 11:28:09.060root 11241100x800000000000000081486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0334593ddb3a0f32021-12-17 11:28:09.060root 11241100x800000000000000081487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cd360f28a6a31b92021-12-17 11:28:09.060root 11241100x800000000000000081488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83409b83663db0372021-12-17 11:28:09.060root 11241100x800000000000000081489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e969b8b8e162c8a12021-12-17 11:28:09.060root 11241100x800000000000000081490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56f63b29f89914732021-12-17 11:28:09.060root 11241100x800000000000000081491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa9a3bbc97f0a00d2021-12-17 11:28:09.061root 11241100x800000000000000081492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.593a8b6aa86c72c32021-12-17 11:28:09.061root 11241100x800000000000000081493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b126feb840f5d742021-12-17 11:28:09.061root 11241100x800000000000000081494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53f6434f86bce4432021-12-17 11:28:09.061root 11241100x800000000000000081495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8901c2eb7ad512532021-12-17 11:28:09.061root 11241100x800000000000000081496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7dacf83737e20822021-12-17 11:28:09.061root 11241100x800000000000000081497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1edbac148aef07df2021-12-17 11:28:09.061root 11241100x800000000000000081498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aac87f6fc7e13d7c2021-12-17 11:28:09.061root 11241100x800000000000000081499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ce3f2bbca17eb1c2021-12-17 11:28:09.061root 354300x800000000000000081500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.176{ec28ba6a-70a3-61bc-5175-3a0400000000}5248/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-42962-false10.0.1.12-8000- 11241100x800000000000000081501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38a866abd42f04762021-12-17 11:28:09.557root 11241100x800000000000000081502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.470ba0bddc2923412021-12-17 11:28:09.557root 11241100x800000000000000081503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76dc85a66d3c9aaa2021-12-17 11:28:09.557root 11241100x800000000000000081504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50e5f2ba7a3f45842021-12-17 11:28:09.557root 11241100x800000000000000081505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ec5449080ac05c02021-12-17 11:28:09.557root 11241100x800000000000000081506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41be27a20191c6d62021-12-17 11:28:09.557root 11241100x800000000000000081507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fce2627d0eb173b52021-12-17 11:28:09.557root 11241100x800000000000000081508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.723d48aace9216c32021-12-17 11:28:09.558root 11241100x800000000000000081509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ede5e0ee651e9d42021-12-17 11:28:09.558root 11241100x800000000000000081510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbf46f31f714aeab2021-12-17 11:28:09.558root 11241100x800000000000000081511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdc0e73e3b12a4422021-12-17 11:28:09.558root 11241100x800000000000000081512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d9e28226d00eac62021-12-17 11:28:09.558root 11241100x800000000000000081513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0681ae4895118112021-12-17 11:28:09.558root 11241100x800000000000000081514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcb16bed3bb847fd2021-12-17 11:28:09.558root 11241100x800000000000000081515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89f8ba1a67abfcb52021-12-17 11:28:09.559root 11241100x800000000000000081516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d01cd72262bcc1c2021-12-17 11:28:09.559root 11241100x800000000000000081517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.779b7831330045d42021-12-17 11:28:09.559root 11241100x800000000000000081518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c01ad23691715dae2021-12-17 11:28:09.559root 11241100x800000000000000081519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddd642c8f0ff33412021-12-17 11:28:09.559root 11241100x800000000000000081520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afd8149c818b58f52021-12-17 11:28:09.559root 11241100x800000000000000081521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.994c510afae219792021-12-17 11:28:09.559root 11241100x800000000000000081522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b9188deb812fe062021-12-17 11:28:09.560root 11241100x800000000000000081523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.346638feb8c73a842021-12-17 11:28:09.560root 11241100x800000000000000081524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3780ea80e02a19ef2021-12-17 11:28:09.560root 11241100x800000000000000081525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cc7edf7ce6dbc182021-12-17 11:28:09.560root 11241100x800000000000000081526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f1adb824a9e935f2021-12-17 11:28:09.560root 11241100x800000000000000081527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b17888c787d40bb2021-12-17 11:28:09.560root 11241100x800000000000000081528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bc871e691dc33b42021-12-17 11:28:09.561root 11241100x800000000000000081529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8de3f25d088f3d12021-12-17 11:28:09.561root 11241100x800000000000000081530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a73da7d6b7b0b952021-12-17 11:28:09.561root 11241100x800000000000000081531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e9e25eb3a79cfbc2021-12-17 11:28:09.561root 11241100x800000000000000081532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.783e4052a68a73ea2021-12-17 11:28:09.561root 11241100x800000000000000081533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2292ca97f5ac42db2021-12-17 11:28:09.561root 11241100x800000000000000081534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40395c88749559372021-12-17 11:28:09.561root 11241100x800000000000000081535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bb8925634f329f92021-12-17 11:28:09.562root 11241100x800000000000000081536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80bc6d9edd09e95d2021-12-17 11:28:09.562root 11241100x800000000000000081537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4b0d2af1e22b93f2021-12-17 11:28:09.562root 11241100x800000000000000081538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.969459d8051af93c2021-12-17 11:28:09.562root 11241100x800000000000000081539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3ada6c86005ecc52021-12-17 11:28:09.562root 11241100x800000000000000081540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5af4dd7f4ffc8ab42021-12-17 11:28:09.563root 11241100x800000000000000081541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1fe86dcefd538732021-12-17 11:28:09.563root 11241100x800000000000000081542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb2adb0766ec47af2021-12-17 11:28:09.563root 11241100x800000000000000081543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9be619dcfe7795292021-12-17 11:28:09.563root 11241100x800000000000000081544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d524a9e6d8ba3d92021-12-17 11:28:09.563root 11241100x800000000000000081545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bc473e5bf408b942021-12-17 11:28:09.563root 11241100x800000000000000081546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31d2e82133315cb62021-12-17 11:28:09.563root 11241100x800000000000000081547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98f50c1e4f62feb82021-12-17 11:28:09.564root 11241100x800000000000000081548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03992c5a7c60fbb22021-12-17 11:28:09.564root 11241100x800000000000000081549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07dea01766a9331d2021-12-17 11:28:09.564root 11241100x800000000000000081550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb9c9be82a7661732021-12-17 11:28:09.564root 11241100x800000000000000081551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24c769f01b9256582021-12-17 11:28:09.564root 11241100x800000000000000081552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.126149c7ef2bf2a02021-12-17 11:28:09.564root 11241100x800000000000000081553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cf3663407b95ef82021-12-17 11:28:09.565root 11241100x800000000000000081554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d10cad715525fbc72021-12-17 11:28:09.565root 11241100x800000000000000081555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01b9e3e0dcdd06eb2021-12-17 11:28:09.565root 11241100x800000000000000081556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a079b38203792bb2021-12-17 11:28:09.565root 11241100x800000000000000081557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22640e8c98cb64cf2021-12-17 11:28:09.565root 11241100x800000000000000081558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd101338a260a9e62021-12-17 11:28:09.565root 11241100x800000000000000081559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91b41dd5dfe7d2452021-12-17 11:28:09.565root 11241100x800000000000000081560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55bf06461e93830f2021-12-17 11:28:09.565root 11241100x800000000000000081561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:09.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c7393ef248bb8a92021-12-17 11:28:09.565root 11241100x800000000000000081562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9fe6f53197362812021-12-17 11:28:10.057root 11241100x800000000000000081563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76d4f456f46c21ac2021-12-17 11:28:10.057root 11241100x800000000000000081564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbf5be3cd51844a02021-12-17 11:28:10.057root 11241100x800000000000000081565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07b477419aee65a02021-12-17 11:28:10.057root 11241100x800000000000000081566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.246e56c8616dce972021-12-17 11:28:10.057root 11241100x800000000000000081567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48a41ae319edaf3e2021-12-17 11:28:10.057root 11241100x800000000000000081568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4e74ef6116db1de2021-12-17 11:28:10.057root 11241100x800000000000000081569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d4f4278c04e60052021-12-17 11:28:10.057root 11241100x800000000000000081570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c62c288cdadaae062021-12-17 11:28:10.058root 11241100x800000000000000081571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a922484ca70cf0a12021-12-17 11:28:10.058root 11241100x800000000000000081572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41f609d41b0e12292021-12-17 11:28:10.058root 11241100x800000000000000081573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.432d44c74bd6fae52021-12-17 11:28:10.058root 11241100x800000000000000081574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba9418651d635ab62021-12-17 11:28:10.058root 11241100x800000000000000081575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a4e754dd0e8b4a32021-12-17 11:28:10.058root 11241100x800000000000000081576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.699780a4431e00db2021-12-17 11:28:10.058root 11241100x800000000000000081577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16f289c462bc097b2021-12-17 11:28:10.058root 11241100x800000000000000081578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce287b0fc44607f12021-12-17 11:28:10.058root 11241100x800000000000000081579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85a84f48b69e67392021-12-17 11:28:10.059root 11241100x800000000000000081580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e225f72be18de2312021-12-17 11:28:10.059root 11241100x800000000000000081581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae3c7aebca0dae522021-12-17 11:28:10.059root 11241100x800000000000000081582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0db544f9b0e11522021-12-17 11:28:10.059root 11241100x800000000000000081583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b40ad681a0761c52021-12-17 11:28:10.059root 11241100x800000000000000081584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17cba5273fae45a42021-12-17 11:28:10.059root 11241100x800000000000000081585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a50b250902b909d2021-12-17 11:28:10.059root 11241100x800000000000000081586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e73351be5e05b842021-12-17 11:28:10.059root 11241100x800000000000000081587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2d8f6335a71a7312021-12-17 11:28:10.060root 11241100x800000000000000081588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1adf5f5f4b10fa402021-12-17 11:28:10.060root 11241100x800000000000000081589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f450fcfd0967c002021-12-17 11:28:10.060root 11241100x800000000000000081590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2896c2b2586b464c2021-12-17 11:28:10.060root 11241100x800000000000000081591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.061bcb3ee799f2012021-12-17 11:28:10.060root 11241100x800000000000000081592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cea1cf78c0492d62021-12-17 11:28:10.060root 11241100x800000000000000081593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ac5712cc9b2404b2021-12-17 11:28:10.060root 11241100x800000000000000081594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.945d96231d4e00832021-12-17 11:28:10.060root 11241100x800000000000000081595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a13b341fbb4346b92021-12-17 11:28:10.060root 11241100x800000000000000081596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0779543cfd3ace8b2021-12-17 11:28:10.060root 11241100x800000000000000081597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f370a954bb3a42452021-12-17 11:28:10.061root 11241100x800000000000000081598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69f42c2a1a3e3b612021-12-17 11:28:10.061root 11241100x800000000000000081599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df1a0fcfbad5612d2021-12-17 11:28:10.061root 11241100x800000000000000081600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8513d439b2b059362021-12-17 11:28:10.061root 11241100x800000000000000081601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb51a2641a3fd8a52021-12-17 11:28:10.061root 11241100x800000000000000081602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5d183f14ba501a82021-12-17 11:28:10.061root 11241100x800000000000000081603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65607b6de3477c412021-12-17 11:28:10.061root 11241100x800000000000000081604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a14688d59d0fd702021-12-17 11:28:10.061root 11241100x800000000000000081605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc9603a22c6202822021-12-17 11:28:10.061root 11241100x800000000000000081606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70504ede4b1ecbbe2021-12-17 11:28:10.062root 11241100x800000000000000081607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87304f268f12f83f2021-12-17 11:28:10.062root 11241100x800000000000000081608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a8db22999dbc35c2021-12-17 11:28:10.062root 11241100x800000000000000081609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5eaba611145ad8472021-12-17 11:28:10.062root 11241100x800000000000000081610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c1141842ee73f572021-12-17 11:28:10.062root 11241100x800000000000000081611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.007bc726117bbde72021-12-17 11:28:10.062root 11241100x800000000000000081612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e015d7ed71ffa272021-12-17 11:28:10.062root 11241100x800000000000000081613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1bca5cd07c335c22021-12-17 11:28:10.062root 11241100x800000000000000081614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff312343cad366252021-12-17 11:28:10.062root 11241100x800000000000000081615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67ee7b646e73ce6c2021-12-17 11:28:10.063root 11241100x800000000000000081616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b648faf60a757d2a2021-12-17 11:28:10.063root 11241100x800000000000000081617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea04382a0c2aae822021-12-17 11:28:10.063root 11241100x800000000000000081618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdbdcf8f5e3e25542021-12-17 11:28:10.063root 11241100x800000000000000081619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14c6ee006250d8762021-12-17 11:28:10.063root 11241100x800000000000000081620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc841874d7d715db2021-12-17 11:28:10.063root 11241100x800000000000000081621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a564e942310f1eb92021-12-17 11:28:10.063root 11241100x800000000000000081622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08c737fcbc1425fa2021-12-17 11:28:10.063root 11241100x800000000000000081623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03023c1c5dab6dcf2021-12-17 11:28:10.063root 11241100x800000000000000081624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d65abd5f442b89912021-12-17 11:28:10.064root 11241100x800000000000000081625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88760e3b260ac14a2021-12-17 11:28:10.064root 11241100x800000000000000081626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1242fc00bbbef8f2021-12-17 11:28:10.556root 11241100x800000000000000081627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fd608ba0223fbe12021-12-17 11:28:10.557root 11241100x800000000000000081628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23c7129c622990882021-12-17 11:28:10.557root 11241100x800000000000000081629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c27360d03a467cb12021-12-17 11:28:10.557root 11241100x800000000000000081630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a52e0b0c20b60022021-12-17 11:28:10.557root 11241100x800000000000000081631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.025daeb09c1ec1482021-12-17 11:28:10.557root 11241100x800000000000000081632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cae52ddfc05d13fc2021-12-17 11:28:10.557root 11241100x800000000000000081633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90319d5abf80feb42021-12-17 11:28:10.557root 11241100x800000000000000081634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ead98865871d976b2021-12-17 11:28:10.557root 11241100x800000000000000081635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fa1710656843c262021-12-17 11:28:10.557root 11241100x800000000000000081636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d04e817600defdf2021-12-17 11:28:10.557root 11241100x800000000000000081637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3889d3b775ef5ff32021-12-17 11:28:10.557root 11241100x800000000000000081638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83ae5ea2125dfded2021-12-17 11:28:10.558root 11241100x800000000000000081639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b76daafae6429ea2021-12-17 11:28:10.558root 11241100x800000000000000081640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9de8ce36efa51df2021-12-17 11:28:10.558root 11241100x800000000000000081641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b62077a3eede6f92021-12-17 11:28:10.558root 11241100x800000000000000081642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e5c1d3c27feeb992021-12-17 11:28:10.558root 11241100x800000000000000081643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7980c383d1a6ae702021-12-17 11:28:10.558root 11241100x800000000000000081644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46c4d406bcdc82f02021-12-17 11:28:10.559root 11241100x800000000000000081645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbc6c7d7dfa7d0662021-12-17 11:28:10.559root 11241100x800000000000000081646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b6178e24e3ef1342021-12-17 11:28:10.559root 11241100x800000000000000081647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3290d2d1214cbf62021-12-17 11:28:10.560root 11241100x800000000000000081648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99e51bee4f3c8ada2021-12-17 11:28:10.560root 11241100x800000000000000081649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2015ee6bcc63bcbc2021-12-17 11:28:10.560root 11241100x800000000000000081650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd996a92d114d2702021-12-17 11:28:10.560root 11241100x800000000000000081651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.842dff4e646304e32021-12-17 11:28:10.560root 11241100x800000000000000081652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5c47c6799448c672021-12-17 11:28:10.560root 11241100x800000000000000081653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28aab90a7add2cfd2021-12-17 11:28:10.560root 11241100x800000000000000081654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e5bc25bd9a55c872021-12-17 11:28:10.560root 11241100x800000000000000081655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.395b492f2ad872fe2021-12-17 11:28:10.561root 11241100x800000000000000081656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f224f00cf7f25eb22021-12-17 11:28:10.561root 11241100x800000000000000081657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f1075af6ca8caa82021-12-17 11:28:10.561root 11241100x800000000000000081658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ada540181e2987102021-12-17 11:28:10.561root 11241100x800000000000000081659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54da36207d2905172021-12-17 11:28:10.561root 11241100x800000000000000081660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2819384fd64e20152021-12-17 11:28:10.562root 11241100x800000000000000081661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03e51178ade52e702021-12-17 11:28:10.562root 11241100x800000000000000081662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39ff4bce32fb1c622021-12-17 11:28:10.562root 11241100x800000000000000081663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b699bee234aabde2021-12-17 11:28:10.562root 11241100x800000000000000081664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.924b7ab223a36b642021-12-17 11:28:10.562root 11241100x800000000000000081665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6affa8661fcbcc982021-12-17 11:28:10.562root 11241100x800000000000000081666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d51c5c441c2d68942021-12-17 11:28:10.562root 11241100x800000000000000081667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6ae66e2ddc0a7bd2021-12-17 11:28:10.563root 11241100x800000000000000081668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d05fc6c1bc6916dc2021-12-17 11:28:10.563root 11241100x800000000000000081669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9d9058abf16c7452021-12-17 11:28:10.563root 11241100x800000000000000081670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.217ba1b439d4db502021-12-17 11:28:10.563root 11241100x800000000000000081671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae8e53ba519f34472021-12-17 11:28:10.564root 11241100x800000000000000081672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0639ea7f0b45176d2021-12-17 11:28:10.564root 11241100x800000000000000081673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3005194d99ea79052021-12-17 11:28:10.564root 11241100x800000000000000081674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.406f88a052982e342021-12-17 11:28:10.564root 11241100x800000000000000081675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d24f4b98858d3e62021-12-17 11:28:10.564root 11241100x800000000000000081676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32ad28668abd1ae62021-12-17 11:28:10.564root 11241100x800000000000000081677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15c105703e8955cd2021-12-17 11:28:10.564root 11241100x800000000000000081678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a528ba1f3e60be732021-12-17 11:28:10.565root 11241100x800000000000000081679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19a41c4688f5b9ef2021-12-17 11:28:10.565root 11241100x800000000000000081680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c515a88fcee73f52021-12-17 11:28:10.565root 11241100x800000000000000081681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16fb642fa0e3e5ff2021-12-17 11:28:10.565root 11241100x800000000000000081682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1f9f00ab2528c1e2021-12-17 11:28:10.566root 11241100x800000000000000081683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa1160fe4f0be5642021-12-17 11:28:10.566root 11241100x800000000000000081684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82475307153129dd2021-12-17 11:28:10.567root 11241100x800000000000000081685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:10.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.138c623b8baef76c2021-12-17 11:28:10.567root 11241100x800000000000000081686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e88c10e37c49786a2021-12-17 11:28:11.056root 11241100x800000000000000081687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.904934f52f6fcb602021-12-17 11:28:11.056root 11241100x800000000000000081688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eb5a3af1a7919a12021-12-17 11:28:11.056root 11241100x800000000000000081689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ee62fd85e3bcd8a2021-12-17 11:28:11.056root 11241100x800000000000000081690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.335ddfe537d360db2021-12-17 11:28:11.057root 11241100x800000000000000081691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19fa40417c884d6a2021-12-17 11:28:11.057root 11241100x800000000000000081692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.379f74ea1a18c27f2021-12-17 11:28:11.057root 11241100x800000000000000081693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57c4bee6754318512021-12-17 11:28:11.057root 11241100x800000000000000081694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2651a268be50da5b2021-12-17 11:28:11.057root 11241100x800000000000000081695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4dba6e15db693842021-12-17 11:28:11.057root 11241100x800000000000000081696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bae8310fae9dc20f2021-12-17 11:28:11.057root 11241100x800000000000000081697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df591c0385b0f0bd2021-12-17 11:28:11.057root 11241100x800000000000000081698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d547b2b39175644a2021-12-17 11:28:11.057root 11241100x800000000000000081699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4815e7c3e76907592021-12-17 11:28:11.057root 11241100x800000000000000081700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb396dce5fbb18eb2021-12-17 11:28:11.058root 11241100x800000000000000081701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb2e09c4477e48b92021-12-17 11:28:11.058root 11241100x800000000000000081702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7993a36c855c372e2021-12-17 11:28:11.058root 11241100x800000000000000081703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10784ad6418ac8b12021-12-17 11:28:11.058root 11241100x800000000000000081704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c483bc2e6073b3222021-12-17 11:28:11.058root 11241100x800000000000000081705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cc8f865f0a837402021-12-17 11:28:11.058root 11241100x800000000000000081706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c221b6a6a295bd902021-12-17 11:28:11.059root 11241100x800000000000000081707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.607961111430b3462021-12-17 11:28:11.059root 11241100x800000000000000081708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fb79ce08e0b06ef2021-12-17 11:28:11.059root 11241100x800000000000000081709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96b41942b80be4be2021-12-17 11:28:11.059root 11241100x800000000000000081710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba3427e9b2b29e712021-12-17 11:28:11.059root 11241100x800000000000000081711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e8a908798c2f1b02021-12-17 11:28:11.059root 11241100x800000000000000081712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc5c685bc3fcddba2021-12-17 11:28:11.060root 11241100x800000000000000081713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fdc5d92b15bcde72021-12-17 11:28:11.060root 11241100x800000000000000081714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.becb08f4d74a8e252021-12-17 11:28:11.060root 11241100x800000000000000081715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af60aa23523dcb8e2021-12-17 11:28:11.060root 11241100x800000000000000081716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58fb3e82aa9a35042021-12-17 11:28:11.060root 11241100x800000000000000081717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3c60adee299957d2021-12-17 11:28:11.060root 11241100x800000000000000081718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.897b8091c65d22d32021-12-17 11:28:11.061root 11241100x800000000000000081719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e21640746b919e612021-12-17 11:28:11.061root 11241100x800000000000000081720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00f3f789fe8f05822021-12-17 11:28:11.061root 11241100x800000000000000081721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1527de5fb42aa9b32021-12-17 11:28:11.061root 11241100x800000000000000081722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d47dca23151c0d972021-12-17 11:28:11.061root 11241100x800000000000000081723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38bed2ab7b0c6d3a2021-12-17 11:28:11.061root 11241100x800000000000000081724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.942565394e28c1962021-12-17 11:28:11.061root 11241100x800000000000000081725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c72dc45d77543d362021-12-17 11:28:11.061root 11241100x800000000000000081726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b32300d583a988d2021-12-17 11:28:11.061root 11241100x800000000000000081727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.652b0ffe91946e732021-12-17 11:28:11.061root 11241100x800000000000000081728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d4096b8c88199c82021-12-17 11:28:11.062root 11241100x800000000000000081729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d154b94683f0ba852021-12-17 11:28:11.062root 11241100x800000000000000081730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.764920450414dd282021-12-17 11:28:11.062root 11241100x800000000000000081731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f1d2841d77857672021-12-17 11:28:11.062root 11241100x800000000000000081732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1db8246c6b0290d2021-12-17 11:28:11.062root 11241100x800000000000000081733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68056a4af0b688972021-12-17 11:28:11.062root 11241100x800000000000000081734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.679bca70afbd2d072021-12-17 11:28:11.062root 11241100x800000000000000081735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82b3e3c327c958952021-12-17 11:28:11.062root 11241100x800000000000000081736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc7b68a0261f2dbd2021-12-17 11:28:11.062root 11241100x800000000000000081737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf7488c8dd5d563d2021-12-17 11:28:11.062root 11241100x800000000000000081738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5f7926f0d02d2192021-12-17 11:28:11.062root 11241100x800000000000000081739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e224d7b05848aa02021-12-17 11:28:11.063root 11241100x800000000000000081740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c390fc1a0a71106e2021-12-17 11:28:11.063root 11241100x800000000000000081741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.501ce7a4bcee18502021-12-17 11:28:11.063root 11241100x800000000000000081742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6c44957b596633a2021-12-17 11:28:11.063root 11241100x800000000000000081743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.212a199f22856b3d2021-12-17 11:28:11.063root 11241100x800000000000000081744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a0a34e3391bcb0d2021-12-17 11:28:11.063root 11241100x800000000000000081745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09fe4eefb0a0a3aa2021-12-17 11:28:11.063root 11241100x800000000000000081746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90d924b69a7c2bf22021-12-17 11:28:11.063root 11241100x800000000000000081747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4de9c923b65c74702021-12-17 11:28:11.063root 11241100x800000000000000081748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.525468dfd3ee06782021-12-17 11:28:11.063root 11241100x800000000000000081749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.236d2c8dbbb884862021-12-17 11:28:11.063root 11241100x800000000000000081750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef355e33170a80a12021-12-17 11:28:11.064root 11241100x800000000000000081751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb4e8e77151049ce2021-12-17 11:28:11.064root 11241100x800000000000000081752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d3ae9dd694ff5822021-12-17 11:28:11.064root 11241100x800000000000000081753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6df74c346df13bc32021-12-17 11:28:11.064root 11241100x800000000000000081754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3a7dc8e543405702021-12-17 11:28:11.064root 11241100x800000000000000081755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f7917cdd5920dd62021-12-17 11:28:11.064root 11241100x800000000000000081756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c483a7f9a95ad5b12021-12-17 11:28:11.064root 11241100x800000000000000081757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb2658dc8cb15c9d2021-12-17 11:28:11.064root 11241100x800000000000000081758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc87409ef31d62922021-12-17 11:28:11.064root 11241100x800000000000000081759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e45c2f80225e1f442021-12-17 11:28:11.064root 11241100x800000000000000081760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c10c36ef95571af2021-12-17 11:28:11.065root 11241100x800000000000000081761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87ff84637b136c022021-12-17 11:28:11.065root 11241100x800000000000000081762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7633c7ae34e4a8022021-12-17 11:28:11.065root 11241100x800000000000000081763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d325223f9d98a5eb2021-12-17 11:28:11.065root 11241100x800000000000000081764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b541c81c83417db2021-12-17 11:28:11.065root 11241100x800000000000000081765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.931075a2f68050562021-12-17 11:28:11.065root 11241100x800000000000000081766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c02703c6d57352882021-12-17 11:28:11.065root 11241100x800000000000000081767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba1f643d04a5cbd32021-12-17 11:28:11.065root 11241100x800000000000000081768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56cb79d0421ff2302021-12-17 11:28:11.065root 11241100x800000000000000081769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf174b0edc4e28852021-12-17 11:28:11.557root 11241100x800000000000000081770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00acdb470f241e8f2021-12-17 11:28:11.557root 11241100x800000000000000081771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0015b72a0a70b0c2021-12-17 11:28:11.557root 11241100x800000000000000081772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3453eeed54d124d2021-12-17 11:28:11.557root 11241100x800000000000000081773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e349ceb1c2c02d382021-12-17 11:28:11.557root 11241100x800000000000000081774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54accdf4ec2fe3ca2021-12-17 11:28:11.558root 11241100x800000000000000081775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42326e7d5982dca82021-12-17 11:28:11.558root 11241100x800000000000000081776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.737920a0ee0f7d802021-12-17 11:28:11.558root 11241100x800000000000000081777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67b37a2fa55ffb1f2021-12-17 11:28:11.558root 11241100x800000000000000081778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b2467708786a4ec2021-12-17 11:28:11.559root 11241100x800000000000000081779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b66182a3ec2eb5792021-12-17 11:28:11.559root 11241100x800000000000000081780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eebf2b43a6353f772021-12-17 11:28:11.559root 11241100x800000000000000081781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b03968e1d0910a3b2021-12-17 11:28:11.559root 11241100x800000000000000081782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22b825d7988394422021-12-17 11:28:11.559root 11241100x800000000000000081783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40e02cea0900e67a2021-12-17 11:28:11.559root 11241100x800000000000000081784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebf9b36aa58baa642021-12-17 11:28:11.559root 11241100x800000000000000081785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e009705739712802021-12-17 11:28:11.559root 11241100x800000000000000081786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad9f1259f0994de02021-12-17 11:28:11.559root 11241100x800000000000000081787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8eb92f6e99c11952021-12-17 11:28:11.559root 11241100x800000000000000081788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f249e03494b4a402021-12-17 11:28:11.559root 11241100x800000000000000081789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d23ff1f00c91d662021-12-17 11:28:11.559root 11241100x800000000000000081790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.845b2118730432bd2021-12-17 11:28:11.560root 11241100x800000000000000081791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fd46657cb66bbe32021-12-17 11:28:11.560root 11241100x800000000000000081792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a00aa73f341d1af72021-12-17 11:28:11.560root 11241100x800000000000000081793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4b579e1c52318592021-12-17 11:28:11.560root 11241100x800000000000000081794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b90ea91c39264112021-12-17 11:28:11.560root 11241100x800000000000000081795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63b9d36dfe215bfb2021-12-17 11:28:11.560root 11241100x800000000000000081796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd7905ff9da0ea432021-12-17 11:28:11.560root 11241100x800000000000000081797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cd9a4c1ede0fe112021-12-17 11:28:11.560root 11241100x800000000000000081798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42ef62c61314de4d2021-12-17 11:28:11.560root 11241100x800000000000000081799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6de11623e2c667122021-12-17 11:28:11.560root 11241100x800000000000000081800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0937a1411b4a5c0e2021-12-17 11:28:11.560root 11241100x800000000000000081801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4924d9f6255bccd2021-12-17 11:28:11.560root 11241100x800000000000000081802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.812b07597d17b17a2021-12-17 11:28:11.560root 11241100x800000000000000081803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b619c624ec278f02021-12-17 11:28:11.560root 11241100x800000000000000081804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.730bd9a0f68d777f2021-12-17 11:28:11.561root 11241100x800000000000000081805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e34172b517ca737f2021-12-17 11:28:11.561root 11241100x800000000000000081806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f2953ee51effe6f2021-12-17 11:28:11.561root 11241100x800000000000000081807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66e3f1474b2c2b112021-12-17 11:28:11.561root 11241100x800000000000000081808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49025358695110222021-12-17 11:28:11.561root 11241100x800000000000000081809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e6a09bdc3ee879c2021-12-17 11:28:11.561root 11241100x800000000000000081810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58c4e166d4381e8b2021-12-17 11:28:11.561root 11241100x800000000000000081811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6b10f65c7b310b42021-12-17 11:28:11.561root 11241100x800000000000000081812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f26aa06c96a788d2021-12-17 11:28:11.562root 11241100x800000000000000081813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32fb58062e52d78f2021-12-17 11:28:11.562root 11241100x800000000000000081814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3578f853bd3e7c0b2021-12-17 11:28:11.562root 11241100x800000000000000081815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7eb05459571359e42021-12-17 11:28:11.562root 11241100x800000000000000081816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d998e7f6c5a239e72021-12-17 11:28:11.562root 11241100x800000000000000081817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc598d0fee1a011d2021-12-17 11:28:11.562root 11241100x800000000000000081818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87ce235de699e5762021-12-17 11:28:11.562root 11241100x800000000000000081819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdc5c6160239d0452021-12-17 11:28:11.563root 11241100x800000000000000081820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5726d85cefbd43392021-12-17 11:28:11.563root 11241100x800000000000000081821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13bfa0b6f1688bc12021-12-17 11:28:11.563root 11241100x800000000000000081822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.489a1ed5d1c4b5c02021-12-17 11:28:11.563root 11241100x800000000000000081823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd369a5089824a2c2021-12-17 11:28:11.563root 11241100x800000000000000081824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db4e2091a0143bcd2021-12-17 11:28:11.563root 11241100x800000000000000081825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.314358b1db71d2d92021-12-17 11:28:11.563root 11241100x800000000000000081826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1827867ea0af8b162021-12-17 11:28:11.563root 11241100x800000000000000081827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3b712dff47561ba2021-12-17 11:28:11.563root 11241100x800000000000000081828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a65372904095d162021-12-17 11:28:11.563root 11241100x800000000000000081829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.355938255b7f4fd62021-12-17 11:28:11.564root 11241100x800000000000000081830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd822d55a0224fa12021-12-17 11:28:11.564root 11241100x800000000000000081831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9279925c2b85c31b2021-12-17 11:28:11.564root 11241100x800000000000000081832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e5f896bb887b29f2021-12-17 11:28:11.564root 11241100x800000000000000081833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c359777ebc0124812021-12-17 11:28:11.564root 11241100x800000000000000081834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74adc4d7dfec3e1e2021-12-17 11:28:11.564root 11241100x800000000000000081835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb995767f09992e42021-12-17 11:28:11.564root 11241100x800000000000000081836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d19ee17efafae7b2021-12-17 11:28:11.564root 11241100x800000000000000081837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1ef39ae34fef3822021-12-17 11:28:11.564root 11241100x800000000000000081838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6caf6100ab0203e2021-12-17 11:28:11.564root 11241100x800000000000000081839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a92d809e27f695f2021-12-17 11:28:11.565root 11241100x800000000000000081840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc86b6a980d7981f2021-12-17 11:28:11.565root 11241100x800000000000000081841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39a5dbf3a658921a2021-12-17 11:28:11.565root 11241100x800000000000000081842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47e08587f88c9a3d2021-12-17 11:28:11.565root 11241100x800000000000000081843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.138de9d439624c6b2021-12-17 11:28:11.565root 11241100x800000000000000081844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4baa66595a6247932021-12-17 11:28:11.565root 11241100x800000000000000081845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d8af3d56711f0a2021-12-17 11:28:11.565root 11241100x800000000000000081846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7cb5c1fb9b550c52021-12-17 11:28:11.565root 11241100x800000000000000081847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f42d1b36c0aac1ef2021-12-17 11:28:11.565root 11241100x800000000000000081848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abcccb7a868426c22021-12-17 11:28:11.565root 11241100x800000000000000081849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de1409362314aeac2021-12-17 11:28:11.565root 11241100x800000000000000081850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa2e3b2f5d34bef32021-12-17 11:28:11.565root 11241100x800000000000000081851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43bf9871b9137cfc2021-12-17 11:28:11.566root 11241100x800000000000000081852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bb8166711b9fd0a2021-12-17 11:28:11.566root 11241100x800000000000000081853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a0427906af2f8902021-12-17 11:28:11.566root 11241100x800000000000000081854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c254a1b24339c7e72021-12-17 11:28:11.566root 11241100x800000000000000081855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba83ec8f9a9af7f22021-12-17 11:28:11.566root 11241100x800000000000000081856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e939b317745f9692021-12-17 11:28:11.566root 11241100x800000000000000081857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be0f99663681e5ab2021-12-17 11:28:11.566root 11241100x800000000000000081858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.671dbdf8537fca952021-12-17 11:28:11.566root 11241100x800000000000000081859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ed5c6b62a4556fd2021-12-17 11:28:11.567root 11241100x800000000000000081860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e78caafada7a83de2021-12-17 11:28:11.567root 11241100x800000000000000081861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a83226dda8941052021-12-17 11:28:11.567root 11241100x800000000000000081862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b12ceb5c21f9e4cf2021-12-17 11:28:11.567root 11241100x800000000000000081863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.242a666e2d975c8d2021-12-17 11:28:11.568root 11241100x800000000000000081864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.838e3ee3c9696ad32021-12-17 11:28:11.568root 11241100x800000000000000081865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac137338ca058a802021-12-17 11:28:11.568root 11241100x800000000000000081866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20160604130543512021-12-17 11:28:11.568root 11241100x800000000000000081867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.352c2d9db30899e92021-12-17 11:28:11.568root 11241100x800000000000000081868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b77a946fcd714c72021-12-17 11:28:11.570root 11241100x800000000000000081869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.834d6dce11a144012021-12-17 11:28:11.570root 11241100x800000000000000081870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeab84103d10eea42021-12-17 11:28:11.570root 11241100x800000000000000081871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99b5d77c0730fa392021-12-17 11:28:11.570root 11241100x800000000000000081872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:11.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da6c350d7da910072021-12-17 11:28:11.570root 11241100x800000000000000081873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57b2f3e3d2c183662021-12-17 11:28:12.057root 11241100x800000000000000081874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.187dfcc4be9199a72021-12-17 11:28:12.057root 11241100x800000000000000081875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00c0637e9fb89fc82021-12-17 11:28:12.057root 11241100x800000000000000081876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5180b60cfaf2fed42021-12-17 11:28:12.057root 11241100x800000000000000081877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b488c8518dd0e532021-12-17 11:28:12.057root 11241100x800000000000000081878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9baf2ee21f96ab0a2021-12-17 11:28:12.057root 11241100x800000000000000081879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b017ae97e6ef81b32021-12-17 11:28:12.058root 11241100x800000000000000081880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9593f971b9f732902021-12-17 11:28:12.058root 11241100x800000000000000081881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62765651e16af0022021-12-17 11:28:12.058root 11241100x800000000000000081882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0c0eb6a1d2ac7022021-12-17 11:28:12.058root 11241100x800000000000000081883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2de86750c47afea92021-12-17 11:28:12.058root 11241100x800000000000000081884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7b407c01f23a16e2021-12-17 11:28:12.058root 11241100x800000000000000081885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12388bb41b06a9212021-12-17 11:28:12.058root 11241100x800000000000000081886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0d3348e67fa62f72021-12-17 11:28:12.058root 11241100x800000000000000081887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68d6a494a056a39d2021-12-17 11:28:12.058root 11241100x800000000000000081888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f89c98c2f2804022021-12-17 11:28:12.058root 11241100x800000000000000081889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bc087035d713fd52021-12-17 11:28:12.058root 11241100x800000000000000081890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.700d0a6ba82647c02021-12-17 11:28:12.059root 11241100x800000000000000081891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a49b3c55c657f392021-12-17 11:28:12.059root 11241100x800000000000000081892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fc4abc67c9d75f02021-12-17 11:28:12.059root 11241100x800000000000000081893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3747abd4fe91ece2021-12-17 11:28:12.059root 11241100x800000000000000081894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bcb305b2630ba8f2021-12-17 11:28:12.059root 11241100x800000000000000081895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36465cd61059f4732021-12-17 11:28:12.059root 11241100x800000000000000081896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ceddcba4e7b3e2d2021-12-17 11:28:12.059root 11241100x800000000000000081897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8e29786fa508f8e2021-12-17 11:28:12.059root 11241100x800000000000000081898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1937fb2d8d0625732021-12-17 11:28:12.059root 11241100x800000000000000081899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.667b1e98bf6da40a2021-12-17 11:28:12.059root 11241100x800000000000000081900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df11cdf31c60029f2021-12-17 11:28:12.060root 11241100x800000000000000081901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31d39d50319724912021-12-17 11:28:12.060root 11241100x800000000000000081902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37fc31faaf7ccc002021-12-17 11:28:12.060root 11241100x800000000000000081903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23e1d02c7edcead42021-12-17 11:28:12.060root 11241100x800000000000000081904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bb8f9d17e6ab2632021-12-17 11:28:12.060root 11241100x800000000000000081905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee9e14b73fd9a7c82021-12-17 11:28:12.060root 11241100x800000000000000081906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36c008bf88c2173d2021-12-17 11:28:12.060root 11241100x800000000000000081907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af77a5b85a6fe4a82021-12-17 11:28:12.060root 11241100x800000000000000081908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56bc1e458b84c20d2021-12-17 11:28:12.060root 11241100x800000000000000081909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42bd1f2dd7e190ee2021-12-17 11:28:12.060root 11241100x800000000000000081910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67446b8557d889792021-12-17 11:28:12.061root 11241100x800000000000000081911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61afa330ee8c685d2021-12-17 11:28:12.061root 11241100x800000000000000081912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c919574426ab0c82021-12-17 11:28:12.061root 11241100x800000000000000081913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8f3703358e80e412021-12-17 11:28:12.061root 11241100x800000000000000081914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90253041cc1dbea12021-12-17 11:28:12.061root 11241100x800000000000000081915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88d06bbc66a12d092021-12-17 11:28:12.061root 11241100x800000000000000081916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c119f2de8a7b59df2021-12-17 11:28:12.061root 11241100x800000000000000081917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd810a7592d741092021-12-17 11:28:12.061root 11241100x800000000000000081918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9356acbbb59366742021-12-17 11:28:12.062root 11241100x800000000000000081919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb559f5fcd0650202021-12-17 11:28:12.062root 11241100x800000000000000081920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2bceb61526529182021-12-17 11:28:12.062root 11241100x800000000000000081921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.995d02a01c3be83c2021-12-17 11:28:12.062root 11241100x800000000000000081922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2df0fbf9ed74e2ac2021-12-17 11:28:12.062root 11241100x800000000000000081923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e021add7172f4ea62021-12-17 11:28:12.062root 11241100x800000000000000081924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30d3b0d04188169a2021-12-17 11:28:12.062root 11241100x800000000000000081925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5477de1bb087840b2021-12-17 11:28:12.063root 11241100x800000000000000081926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.894a0bd1a56a82402021-12-17 11:28:12.063root 11241100x800000000000000081927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79febb7efcbf45e62021-12-17 11:28:12.063root 11241100x800000000000000081928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ec947e44a7e83332021-12-17 11:28:12.063root 11241100x800000000000000081929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d5cd90a18f95ce32021-12-17 11:28:12.063root 11241100x800000000000000081930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.629b70524f1c8cd92021-12-17 11:28:12.063root 11241100x800000000000000081931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8707f709822a2f9b2021-12-17 11:28:12.063root 11241100x800000000000000081932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64a921fd2ff526e72021-12-17 11:28:12.064root 11241100x800000000000000081933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac493409bb970f352021-12-17 11:28:12.064root 11241100x800000000000000081934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37f008e64c8d44522021-12-17 11:28:12.064root 11241100x800000000000000081935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5ef7110e5db9bc02021-12-17 11:28:12.064root 11241100x800000000000000081936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d0838940ba3d5202021-12-17 11:28:12.064root 11241100x800000000000000081937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa6d675b3a73a8d72021-12-17 11:28:12.064root 11241100x800000000000000081938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.645eea1a04a0bb1a2021-12-17 11:28:12.064root 11241100x800000000000000081939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f5c41c4d8ee674f2021-12-17 11:28:12.064root 11241100x800000000000000081940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6497f6e175c298e32021-12-17 11:28:12.064root 11241100x800000000000000081941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0189cd414b3d31842021-12-17 11:28:12.064root 11241100x800000000000000081942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24ab13ffaaa592b22021-12-17 11:28:12.065root 11241100x800000000000000081943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb01483a2bc246192021-12-17 11:28:12.065root 11241100x800000000000000081944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec6e171b73e176fb2021-12-17 11:28:12.065root 11241100x800000000000000081945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.060ccd73156b620d2021-12-17 11:28:12.065root 11241100x800000000000000081946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1db8f9647da146632021-12-17 11:28:12.065root 11241100x800000000000000081947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bf379e092ebd6dc2021-12-17 11:28:12.065root 11241100x800000000000000081948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dd6be31a18462852021-12-17 11:28:12.065root 11241100x800000000000000081949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae67be53d220abae2021-12-17 11:28:12.065root 11241100x800000000000000081950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d0b5846a9ce67462021-12-17 11:28:12.066root 11241100x800000000000000081951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b342327c2e567a02021-12-17 11:28:12.066root 11241100x800000000000000081952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e73c5770f52cc2e42021-12-17 11:28:12.066root 11241100x800000000000000081953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.087a2cd2beb63ea92021-12-17 11:28:12.066root 11241100x800000000000000081954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.121f38dab69bd00a2021-12-17 11:28:12.066root 11241100x800000000000000081955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0c0bf6259c0cb3e2021-12-17 11:28:12.066root 11241100x800000000000000081956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18b85bfe521dc2c82021-12-17 11:28:12.066root 11241100x800000000000000081957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7366bb3ce6b66562021-12-17 11:28:12.067root 11241100x800000000000000081958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11815dad7d0cb26c2021-12-17 11:28:12.067root 11241100x800000000000000081959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f299f91b2c30e7a02021-12-17 11:28:12.067root 11241100x800000000000000081960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6da8969415123812021-12-17 11:28:12.067root 11241100x800000000000000081961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e06ac597c4e16bd82021-12-17 11:28:12.067root 11241100x800000000000000081962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e699683c2af2bb7d2021-12-17 11:28:12.067root 11241100x800000000000000081963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5161224f550bcca2021-12-17 11:28:12.067root 11241100x800000000000000081964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.807aede6960eabef2021-12-17 11:28:12.067root 11241100x800000000000000081965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fb99dbf943ee99e2021-12-17 11:28:12.067root 11241100x800000000000000081966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e451871251df07fd2021-12-17 11:28:12.067root 11241100x800000000000000081967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e3d6ec390a9cb9e2021-12-17 11:28:12.067root 11241100x800000000000000081968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.896513393c97250e2021-12-17 11:28:12.068root 11241100x800000000000000081969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8749881b60ed1f9c2021-12-17 11:28:12.068root 11241100x800000000000000081970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d0badb6905c103c2021-12-17 11:28:12.068root 11241100x800000000000000081971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbe654900364357a2021-12-17 11:28:12.068root 11241100x800000000000000081972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdc8d881c73975282021-12-17 11:28:12.558root 11241100x800000000000000081973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b30cff7b37ab5762021-12-17 11:28:12.558root 11241100x800000000000000081974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2666efe172c427b82021-12-17 11:28:12.559root 11241100x800000000000000081975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37e556eb6fd8072d2021-12-17 11:28:12.559root 11241100x800000000000000081976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77167338eb63c6932021-12-17 11:28:12.559root 11241100x800000000000000081977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a3e54957d042bd02021-12-17 11:28:12.559root 11241100x800000000000000081978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fb79879ed075e832021-12-17 11:28:12.560root 11241100x800000000000000081979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34ef36bf50d6aa922021-12-17 11:28:12.560root 11241100x800000000000000081980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8868f94932d80bb2021-12-17 11:28:12.560root 11241100x800000000000000081981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.180d39254fe2d0952021-12-17 11:28:12.560root 11241100x800000000000000081982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1816d3821fc03f192021-12-17 11:28:12.562root 11241100x800000000000000081983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a88728d2570c0d232021-12-17 11:28:12.562root 11241100x800000000000000081984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08d9c74e84361b952021-12-17 11:28:12.562root 11241100x800000000000000081985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ec0678e31f8cf132021-12-17 11:28:12.562root 11241100x800000000000000081986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c37052fe27596cf72021-12-17 11:28:12.563root 11241100x800000000000000081987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d1776c99e552ab42021-12-17 11:28:12.563root 11241100x800000000000000081988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd054296f6c234512021-12-17 11:28:12.563root 11241100x800000000000000081989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4107f3644c926e0b2021-12-17 11:28:12.564root 11241100x800000000000000081990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f2b0257844fe2932021-12-17 11:28:12.564root 11241100x800000000000000081991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5348789381c3b3a12021-12-17 11:28:12.564root 11241100x800000000000000081992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6506165d0fc61612021-12-17 11:28:12.564root 11241100x800000000000000081993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9b68f058a8bc5582021-12-17 11:28:12.564root 11241100x800000000000000081994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c76f09a910ec4e5e2021-12-17 11:28:12.565root 11241100x800000000000000081995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2f2fcd6d41ee6c22021-12-17 11:28:12.565root 11241100x800000000000000081996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfdfd0833a1645c02021-12-17 11:28:12.565root 11241100x800000000000000081997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17163d66af5c3dc72021-12-17 11:28:12.565root 11241100x800000000000000081998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f54ddc7fa7bb87b12021-12-17 11:28:12.565root 11241100x800000000000000081999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95bb5d9683250db62021-12-17 11:28:12.565root 11241100x800000000000000082000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d19350093fc3b2802021-12-17 11:28:12.566root 11241100x800000000000000082001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7060f706419cdb02021-12-17 11:28:12.566root 11241100x800000000000000082002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a8353ca8d142b882021-12-17 11:28:12.566root 11241100x800000000000000082003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9e3ecf50761f8052021-12-17 11:28:12.566root 11241100x800000000000000082004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.433a3b4aba6ee4fe2021-12-17 11:28:12.566root 11241100x800000000000000082005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc0561266eecd0bf2021-12-17 11:28:12.566root 11241100x800000000000000082006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9030c8c4c7cce4dd2021-12-17 11:28:12.566root 11241100x800000000000000082007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd643c7cd9942bf42021-12-17 11:28:12.566root 11241100x800000000000000082008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fe3ba72d9bbd96d2021-12-17 11:28:12.567root 11241100x800000000000000082009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb4971df5e8104042021-12-17 11:28:12.567root 11241100x800000000000000082010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76707e010034abc62021-12-17 11:28:12.567root 11241100x800000000000000082011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.159351ec03d9e3b72021-12-17 11:28:12.567root 11241100x800000000000000082012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a45e47f92dc4b4622021-12-17 11:28:12.567root 11241100x800000000000000082013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a563f5bcd802ba72021-12-17 11:28:12.567root 11241100x800000000000000082014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6fecf8f170456aa2021-12-17 11:28:12.567root 11241100x800000000000000082015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.779456e539feaf2f2021-12-17 11:28:12.567root 11241100x800000000000000082016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17c8b61179c9b4ea2021-12-17 11:28:12.567root 11241100x800000000000000082017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7372cb6396b05d02021-12-17 11:28:12.567root 11241100x800000000000000082018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f40174939b2d2ad2021-12-17 11:28:12.567root 11241100x800000000000000082019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b855048bb9c33cb2021-12-17 11:28:12.568root 11241100x800000000000000082020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99d08f164bc8d91f2021-12-17 11:28:12.568root 11241100x800000000000000082021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.915355fd344385612021-12-17 11:28:12.568root 11241100x800000000000000082022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b68616da6096ca8f2021-12-17 11:28:12.568root 11241100x800000000000000082023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.259cf596eef0490c2021-12-17 11:28:12.568root 11241100x800000000000000082024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56443f3a827063be2021-12-17 11:28:12.568root 11241100x800000000000000082025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfcc1b9040e30c082021-12-17 11:28:12.568root 11241100x800000000000000082026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.411174ccd673e86d2021-12-17 11:28:12.568root 11241100x800000000000000082027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c9aff86260137902021-12-17 11:28:12.568root 11241100x800000000000000082028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b75676f38c67a9242021-12-17 11:28:12.568root 11241100x800000000000000082029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f26eca4cd35523212021-12-17 11:28:12.568root 11241100x800000000000000082030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f35623085c90fefb2021-12-17 11:28:12.569root 11241100x800000000000000082031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2f51bac5797bba02021-12-17 11:28:12.569root 11241100x800000000000000082032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc2458161f8871a12021-12-17 11:28:12.569root 11241100x800000000000000082033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19157fea7f4609f02021-12-17 11:28:12.569root 11241100x800000000000000082034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7b5bc81f3b919982021-12-17 11:28:12.569root 11241100x800000000000000082035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.827aa2bd649e90bd2021-12-17 11:28:12.569root 11241100x800000000000000082036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a855a9afb7e92fd2021-12-17 11:28:12.569root 11241100x800000000000000082037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc5daa574b8d8cc12021-12-17 11:28:12.569root 11241100x800000000000000082038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f14d1657f65881d2021-12-17 11:28:12.569root 11241100x800000000000000082039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.010924de2aa0d0882021-12-17 11:28:12.569root 11241100x800000000000000082040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b0a93fc162ee0562021-12-17 11:28:12.569root 11241100x800000000000000082041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1046d54a19b5e36f2021-12-17 11:28:12.569root 11241100x800000000000000082042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:12.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.160e2525a88d63e02021-12-17 11:28:12.570root 11241100x800000000000000082043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44f9fca2abe8b10e2021-12-17 11:28:13.058root 11241100x800000000000000082044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4a62bfa7210b3a02021-12-17 11:28:13.058root 11241100x800000000000000082045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.890f5e4feeba97bc2021-12-17 11:28:13.058root 11241100x800000000000000082046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.222f61ac029de6e12021-12-17 11:28:13.058root 11241100x800000000000000082047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1500b932e5a56aee2021-12-17 11:28:13.059root 11241100x800000000000000082048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d04c156735d388c62021-12-17 11:28:13.059root 11241100x800000000000000082049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c05dc0393bdd47052021-12-17 11:28:13.059root 11241100x800000000000000082050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d74e77fadd5e3a72021-12-17 11:28:13.059root 11241100x800000000000000082051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b043480e63b404692021-12-17 11:28:13.059root 11241100x800000000000000082052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca4c8073774b02b02021-12-17 11:28:13.060root 11241100x800000000000000082053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38db1a5cf4de6fef2021-12-17 11:28:13.060root 11241100x800000000000000082054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17013c3a57dfe0382021-12-17 11:28:13.060root 11241100x800000000000000082055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce9eec824cb1523b2021-12-17 11:28:13.060root 11241100x800000000000000082056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f947dc7f7b5ef062021-12-17 11:28:13.060root 11241100x800000000000000082057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6a080e0c46c7f682021-12-17 11:28:13.060root 11241100x800000000000000082058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bf1b2f08d61b2732021-12-17 11:28:13.061root 11241100x800000000000000082059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f8bf5686b97c3172021-12-17 11:28:13.062root 11241100x800000000000000082060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.779b03e7b3318c342021-12-17 11:28:13.062root 11241100x800000000000000082061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d00af9f396fef632021-12-17 11:28:13.062root 11241100x800000000000000082062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41cec78260aea8bb2021-12-17 11:28:13.062root 11241100x800000000000000082063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c317e0a0067533ec2021-12-17 11:28:13.062root 11241100x800000000000000082064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f484e1855b9050a2021-12-17 11:28:13.063root 11241100x800000000000000082065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.090577ce25a3de9e2021-12-17 11:28:13.063root 11241100x800000000000000082066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42e1ac100cd2b6902021-12-17 11:28:13.063root 11241100x800000000000000082067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54fe529d8eebaee82021-12-17 11:28:13.063root 11241100x800000000000000082068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6aa58f28f72feaa72021-12-17 11:28:13.063root 11241100x800000000000000082069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b73d8136e680dc1e2021-12-17 11:28:13.064root 11241100x800000000000000082070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fdc096d5e6ab4082021-12-17 11:28:13.064root 11241100x800000000000000082071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d8b140e3404d9492021-12-17 11:28:13.064root 11241100x800000000000000082072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10e330838eed24be2021-12-17 11:28:13.064root 11241100x800000000000000082073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e60097218830ece72021-12-17 11:28:13.065root 11241100x800000000000000082074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.528a504e3517c1f82021-12-17 11:28:13.065root 11241100x800000000000000082075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2b6e00349f6a2662021-12-17 11:28:13.065root 11241100x800000000000000082076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8e5ce76ec412a8a2021-12-17 11:28:13.065root 11241100x800000000000000082077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d196ebd6d02266522021-12-17 11:28:13.065root 11241100x800000000000000082078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8333335d4266a662021-12-17 11:28:13.066root 11241100x800000000000000082079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f59784e31dfc7002021-12-17 11:28:13.066root 11241100x800000000000000082080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44ff7cebacddaf522021-12-17 11:28:13.066root 11241100x800000000000000082081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eb12487a5b624df2021-12-17 11:28:13.066root 11241100x800000000000000082082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68a4950b37a1a7682021-12-17 11:28:13.066root 11241100x800000000000000082083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0a38484645af6cb2021-12-17 11:28:13.067root 11241100x800000000000000082084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70f7f374e97aa5672021-12-17 11:28:13.067root 11241100x800000000000000082085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a474879dc022643b2021-12-17 11:28:13.067root 11241100x800000000000000082086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.228cf70a60307d342021-12-17 11:28:13.067root 11241100x800000000000000082087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57a296afc0a172712021-12-17 11:28:13.068root 11241100x800000000000000082088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.854f1a4211df536b2021-12-17 11:28:13.068root 11241100x800000000000000082089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ad20f6320c784ed2021-12-17 11:28:13.068root 11241100x800000000000000082090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3f248a6076d43362021-12-17 11:28:13.068root 11241100x800000000000000082091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2497dbab8268e442021-12-17 11:28:13.069root 11241100x800000000000000082092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cf491088e95416a2021-12-17 11:28:13.069root 11241100x800000000000000082093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02172810799a0fa42021-12-17 11:28:13.069root 11241100x800000000000000082094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.691d008cc44d98c82021-12-17 11:28:13.069root 11241100x800000000000000082095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6425a795280d26ea2021-12-17 11:28:13.069root 11241100x800000000000000082096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec774a653e68493d2021-12-17 11:28:13.070root 11241100x800000000000000082097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65b5f544b09ac5a22021-12-17 11:28:13.070root 11241100x800000000000000082098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b21816088d2d53c92021-12-17 11:28:13.070root 11241100x800000000000000082099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64f2d35cbafc26ec2021-12-17 11:28:13.070root 11241100x800000000000000082100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f499ab89fe4d6d062021-12-17 11:28:13.070root 11241100x800000000000000082101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c6b5063a81e0ccb2021-12-17 11:28:13.071root 11241100x800000000000000082102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c95a71b1f3271902021-12-17 11:28:13.071root 11241100x800000000000000082103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b791ae13ca2c79492021-12-17 11:28:13.071root 11241100x800000000000000082104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81347bae61ebac8e2021-12-17 11:28:13.071root 11241100x800000000000000082105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abaec8c6ad47639d2021-12-17 11:28:13.071root 11241100x800000000000000082106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09f89074708c97bc2021-12-17 11:28:13.071root 11241100x800000000000000082107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6caadedede80363e2021-12-17 11:28:13.072root 11241100x800000000000000082108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4378627a8954d2352021-12-17 11:28:13.072root 11241100x800000000000000082109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adb3d3390de56cce2021-12-17 11:28:13.072root 11241100x800000000000000082110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0a7579ba4a3cbea2021-12-17 11:28:13.072root 11241100x800000000000000082111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20d4d06f70104d6b2021-12-17 11:28:13.072root 11241100x800000000000000082112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7282bf084052b332021-12-17 11:28:13.073root 11241100x800000000000000082113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.162f56f82b2137052021-12-17 11:28:13.073root 11241100x800000000000000082114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4230f5554ca237982021-12-17 11:28:13.073root 11241100x800000000000000082115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6dd7df97f19b4392021-12-17 11:28:13.073root 11241100x800000000000000082116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a287d00e354c1b7b2021-12-17 11:28:13.073root 11241100x800000000000000082117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.957a5ecb0596e71e2021-12-17 11:28:13.074root 11241100x800000000000000082118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cba1e1565e4ac81a2021-12-17 11:28:13.074root 11241100x800000000000000082119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fffa3989f9b19462021-12-17 11:28:13.074root 11241100x800000000000000082120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e55897779a5bc2d2021-12-17 11:28:13.074root 11241100x800000000000000082121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f941f65337a3df2e2021-12-17 11:28:13.074root 11241100x800000000000000082122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83ff42af21fc462b2021-12-17 11:28:13.074root 11241100x800000000000000082123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30d48ba9fd83b7562021-12-17 11:28:13.075root 11241100x800000000000000082124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7269a7c9d26451b32021-12-17 11:28:13.075root 11241100x800000000000000082125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2279c924e8bca1c02021-12-17 11:28:13.075root 11241100x800000000000000082126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d46a6895d5a77bf72021-12-17 11:28:13.075root 11241100x800000000000000082127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31eb02ce9368a7e52021-12-17 11:28:13.075root 11241100x800000000000000082128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da8f70b20d18ba4b2021-12-17 11:28:13.075root 11241100x800000000000000082129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f98ff86336b0e8412021-12-17 11:28:13.075root 11241100x800000000000000082130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1cd3272e619c86e2021-12-17 11:28:13.075root 11241100x800000000000000082131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.213c88b0f431d2de2021-12-17 11:28:13.075root 11241100x800000000000000082132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ef14aece28e5d932021-12-17 11:28:13.075root 11241100x800000000000000082133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89a51c632f6c4e592021-12-17 11:28:13.075root 11241100x800000000000000082134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acff0ab3ce45f9da2021-12-17 11:28:13.075root 11241100x800000000000000082135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e12e90fb90fc0c772021-12-17 11:28:13.076root 11241100x800000000000000082136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfe4eb77c34221452021-12-17 11:28:13.076root 11241100x800000000000000082137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.694507d20c51d9602021-12-17 11:28:13.076root 11241100x800000000000000082138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e2f19160b3a0e252021-12-17 11:28:13.076root 11241100x800000000000000082139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b96d31344a538882021-12-17 11:28:13.076root 11241100x800000000000000082140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca7042f0d4750ac52021-12-17 11:28:13.076root 11241100x800000000000000082141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b35dfb7fbed109f2021-12-17 11:28:13.076root 11241100x800000000000000082142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a25c838aebc6896a2021-12-17 11:28:13.076root 11241100x800000000000000082143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4de7a22d25dacc3a2021-12-17 11:28:13.076root 11241100x800000000000000082144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02a8cd6855c63d5b2021-12-17 11:28:13.076root 11241100x800000000000000082145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc0c34bcf6404ff82021-12-17 11:28:13.076root 11241100x800000000000000082146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db0789028ccb87532021-12-17 11:28:13.076root 11241100x800000000000000082147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9ebe58d169eb7812021-12-17 11:28:13.077root 11241100x800000000000000082148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.066f9335c271c2162021-12-17 11:28:13.077root 11241100x800000000000000082149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29922c44464a19052021-12-17 11:28:13.077root 11241100x800000000000000082150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.496e2485ae63d2842021-12-17 11:28:13.077root 11241100x800000000000000082151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.667f2a1e71f2f1792021-12-17 11:28:13.077root 11241100x800000000000000082152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcb8c26a4c3a55972021-12-17 11:28:13.077root 11241100x800000000000000082153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a42445c61c888aef2021-12-17 11:28:13.077root 11241100x800000000000000082154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3f34951f9dc75722021-12-17 11:28:13.077root 11241100x800000000000000082155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e55197f7b1987532021-12-17 11:28:13.077root 11241100x800000000000000082156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8aa83ecb1a18d57a2021-12-17 11:28:13.077root 11241100x800000000000000082157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6be9ea1f4a7c8c82021-12-17 11:28:13.077root 11241100x800000000000000082158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec1e454b15fc57992021-12-17 11:28:13.077root 11241100x800000000000000082159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57e26542ec9b5f6d2021-12-17 11:28:13.077root 11241100x800000000000000082160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ced36577e2c55c392021-12-17 11:28:13.077root 11241100x800000000000000082161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7da28f8ed768b1e2021-12-17 11:28:13.077root 11241100x800000000000000082162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c016c68bee97b5ea2021-12-17 11:28:13.078root 11241100x800000000000000082163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82ad6708ad206e902021-12-17 11:28:13.078root 11241100x800000000000000082164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a030273deac28832021-12-17 11:28:13.078root 11241100x800000000000000082165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e4924cb30d5afe42021-12-17 11:28:13.078root 11241100x800000000000000082166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84e755e8d10d10562021-12-17 11:28:13.078root 11241100x800000000000000082167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.086997646415c2332021-12-17 11:28:13.078root 11241100x800000000000000082168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e51e7f5323e20cc2021-12-17 11:28:13.078root 11241100x800000000000000082169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.870ff2127b7f49802021-12-17 11:28:13.078root 11241100x800000000000000082170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cff728043f8ae0cc2021-12-17 11:28:13.078root 11241100x800000000000000082171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c77c7aacd3885b072021-12-17 11:28:13.557root 11241100x800000000000000082172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8983610a52425a802021-12-17 11:28:13.557root 11241100x800000000000000082173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2b58ae1e6585b482021-12-17 11:28:13.557root 11241100x800000000000000082174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a261df0df19d8daa2021-12-17 11:28:13.557root 11241100x800000000000000082175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40dd931a86cc84842021-12-17 11:28:13.557root 11241100x800000000000000082176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.deb765da6debae402021-12-17 11:28:13.557root 11241100x800000000000000082177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1b76e147b3c1a842021-12-17 11:28:13.557root 11241100x800000000000000082178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad948067044f12832021-12-17 11:28:13.557root 11241100x800000000000000082179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf450f08631035852021-12-17 11:28:13.557root 11241100x800000000000000082180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6de641a0bf83b07a2021-12-17 11:28:13.557root 11241100x800000000000000082181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ff9663e314e6acf2021-12-17 11:28:13.557root 11241100x800000000000000082182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b58621ff3597cc62021-12-17 11:28:13.558root 11241100x800000000000000082183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18c4f44d9b5019852021-12-17 11:28:13.558root 11241100x800000000000000082184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2412ae7db5fd35952021-12-17 11:28:13.558root 11241100x800000000000000082185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13120ebc5651e42d2021-12-17 11:28:13.558root 11241100x800000000000000082186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b49578e0a8da84e2021-12-17 11:28:13.558root 11241100x800000000000000082187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd32614c28b8543e2021-12-17 11:28:13.558root 11241100x800000000000000082188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22bb8a2b9c6ab60c2021-12-17 11:28:13.558root 11241100x800000000000000082189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f5098a59c5f315d2021-12-17 11:28:13.558root 11241100x800000000000000082190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02c0e73fb715d1642021-12-17 11:28:13.558root 11241100x800000000000000082191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4fb3677f1f4d2b52021-12-17 11:28:13.559root 11241100x800000000000000082192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d7d48b7512ffbc02021-12-17 11:28:13.559root 11241100x800000000000000082193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2510a931fb875f352021-12-17 11:28:13.559root 11241100x800000000000000082194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d43d66298896a9a2021-12-17 11:28:13.559root 11241100x800000000000000082195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d0b6342cedee6462021-12-17 11:28:13.559root 11241100x800000000000000082196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b88215211105d9a2021-12-17 11:28:13.559root 11241100x800000000000000082197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d00903bee3d0702021-12-17 11:28:13.559root 11241100x800000000000000082198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.409d201b279839e62021-12-17 11:28:13.559root 11241100x800000000000000082199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4805c993bf7044162021-12-17 11:28:13.559root 11241100x800000000000000082200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09bf1f31a8b70f402021-12-17 11:28:13.560root 11241100x800000000000000082201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2847722688529c9c2021-12-17 11:28:13.560root 11241100x800000000000000082202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5863edf73e00a25a2021-12-17 11:28:13.560root 11241100x800000000000000082203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1390325e1fac999e2021-12-17 11:28:13.560root 11241100x800000000000000082204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6be89312bb4e55e72021-12-17 11:28:13.560root 11241100x800000000000000082205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f290f5c4bec56912021-12-17 11:28:13.560root 11241100x800000000000000082206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f91bc5a903fc23372021-12-17 11:28:13.560root 11241100x800000000000000082207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1d6ff0b6a3c37e82021-12-17 11:28:13.560root 11241100x800000000000000082208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2209ad1b4d522ad2021-12-17 11:28:13.560root 11241100x800000000000000082209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cd841ddf07a2a0f2021-12-17 11:28:13.560root 11241100x800000000000000082210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e05990c5dfbd53412021-12-17 11:28:13.561root 11241100x800000000000000082211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66efe5b34e11007a2021-12-17 11:28:13.561root 11241100x800000000000000082212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.907b7a58400c06af2021-12-17 11:28:13.561root 11241100x800000000000000082213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b52e74792fc17a02021-12-17 11:28:13.561root 11241100x800000000000000082214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c732d0ee7a24a1812021-12-17 11:28:13.561root 11241100x800000000000000082215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33c86547f6d492f82021-12-17 11:28:13.561root 11241100x800000000000000082216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd25540c49cc7c372021-12-17 11:28:13.561root 11241100x800000000000000082217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43c7dc68c4a498382021-12-17 11:28:13.561root 11241100x800000000000000082218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec45029486b277a32021-12-17 11:28:13.562root 11241100x800000000000000082219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.730d91a2f4943fbe2021-12-17 11:28:13.562root 11241100x800000000000000082220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2eb2e1ee2050e572021-12-17 11:28:13.562root 11241100x800000000000000082221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adb575f872e1d10c2021-12-17 11:28:13.562root 11241100x800000000000000082222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77d9a3883f47f72d2021-12-17 11:28:13.562root 11241100x800000000000000082223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd7653bac2e096db2021-12-17 11:28:13.562root 11241100x800000000000000082224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db05a273dde9c9592021-12-17 11:28:13.562root 11241100x800000000000000082225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb25497ca64cbde92021-12-17 11:28:13.562root 11241100x800000000000000082226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9044c91c2ed8c4c2021-12-17 11:28:13.563root 11241100x800000000000000082227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b353283bdc9615632021-12-17 11:28:13.563root 534500x800000000000000082228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:13.638{00000000-0000-0000-0000-000000000000}116<unknown process>root 11241100x800000000000000082229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f86829a4c96d2d52021-12-17 11:28:14.056root 11241100x800000000000000082230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00d4c96aecfbe59e2021-12-17 11:28:14.056root 11241100x800000000000000082231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c402db208f5c8b792021-12-17 11:28:14.056root 11241100x800000000000000082232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aae87db455e9fb582021-12-17 11:28:14.057root 11241100x800000000000000082233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5335e9461cc197dd2021-12-17 11:28:14.057root 11241100x800000000000000082234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0f59ec0242c73632021-12-17 11:28:14.057root 11241100x800000000000000082235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cf2b284833bc5da2021-12-17 11:28:14.057root 11241100x800000000000000082236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0df02b89864bf5c2021-12-17 11:28:14.057root 11241100x800000000000000082237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b1807d9726318e72021-12-17 11:28:14.057root 11241100x800000000000000082238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f696f18233b6954f2021-12-17 11:28:14.057root 11241100x800000000000000082239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34bb0a0bebfb82e52021-12-17 11:28:14.057root 11241100x800000000000000082240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1d04f50a552d1482021-12-17 11:28:14.057root 11241100x800000000000000082241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dfd2e915f9e91632021-12-17 11:28:14.058root 11241100x800000000000000082242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e45d18c20fa4cb6c2021-12-17 11:28:14.058root 11241100x800000000000000082243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9515b9b42c0dcd082021-12-17 11:28:14.058root 11241100x800000000000000082244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8a8c8ef5e275f252021-12-17 11:28:14.058root 11241100x800000000000000082245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b810f9fcbd0a1c52021-12-17 11:28:14.058root 11241100x800000000000000082246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7272bf5906d29fed2021-12-17 11:28:14.058root 11241100x800000000000000082247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6bb7f7258ffcde52021-12-17 11:28:14.058root 11241100x800000000000000082248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72846847b09b37dc2021-12-17 11:28:14.058root 11241100x800000000000000082249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6757abf33db67cdb2021-12-17 11:28:14.058root 11241100x800000000000000082250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c75d0a5a1500af72021-12-17 11:28:14.059root 11241100x800000000000000082251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3459fd4c2e70bc682021-12-17 11:28:14.059root 11241100x800000000000000082252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b51c238fe584f272021-12-17 11:28:14.059root 11241100x800000000000000082253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43bb599743d5bbe92021-12-17 11:28:14.059root 11241100x800000000000000082254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ebd16d3cdc048a82021-12-17 11:28:14.059root 11241100x800000000000000082255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c2f7ddee61b731f2021-12-17 11:28:14.059root 11241100x800000000000000082256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6735aa44d60e27d92021-12-17 11:28:14.059root 11241100x800000000000000082257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cea1b026841631f62021-12-17 11:28:14.059root 11241100x800000000000000082258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e104f1a0e93493b02021-12-17 11:28:14.059root 11241100x800000000000000082259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5de356ac5b5862cf2021-12-17 11:28:14.059root 11241100x800000000000000082260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6f0bc1af72c39d22021-12-17 11:28:14.060root 11241100x800000000000000082261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9499bafe1a513b432021-12-17 11:28:14.060root 11241100x800000000000000082262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15e8602523cfa7f92021-12-17 11:28:14.061root 11241100x800000000000000082263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf8b921ea6211e0b2021-12-17 11:28:14.061root 11241100x800000000000000082264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.284f39b48dfbdc6a2021-12-17 11:28:14.062root 11241100x800000000000000082265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e2485030b6aadaf2021-12-17 11:28:14.062root 11241100x800000000000000082266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc4eed08a2086fa52021-12-17 11:28:14.062root 11241100x800000000000000082267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d29079917ee020c2021-12-17 11:28:14.062root 11241100x800000000000000082268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8021db1f2a9ded8e2021-12-17 11:28:14.062root 11241100x800000000000000082269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59f7903b2350cf952021-12-17 11:28:14.063root 11241100x800000000000000082270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84d9497184e97ac22021-12-17 11:28:14.063root 11241100x800000000000000082271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eb7f4388c2705e32021-12-17 11:28:14.063root 11241100x800000000000000082272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51a6279c9531f4332021-12-17 11:28:14.063root 11241100x800000000000000082273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1e52128b82acef32021-12-17 11:28:14.064root 11241100x800000000000000082274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28e5d98e8a01228e2021-12-17 11:28:14.064root 11241100x800000000000000082275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d7fba06621d30a2021-12-17 11:28:14.064root 11241100x800000000000000082276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7679f9a8c99f34492021-12-17 11:28:14.064root 11241100x800000000000000082277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b30cc80ae05de692021-12-17 11:28:14.065root 11241100x800000000000000082278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3a7c66e4fefd4b22021-12-17 11:28:14.065root 11241100x800000000000000082279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10f63a27eb7043852021-12-17 11:28:14.065root 11241100x800000000000000082280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.065{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d9b4ce8fc0de6b32021-12-17 11:28:14.065root 11241100x800000000000000082281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e603cbef8e2815862021-12-17 11:28:14.066root 11241100x800000000000000082282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9ef17730924fbaa2021-12-17 11:28:14.066root 11241100x800000000000000082283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32a78e67ef724fa32021-12-17 11:28:14.066root 11241100x800000000000000082284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.066{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c6932d8229ed3ec2021-12-17 11:28:14.066root 11241100x800000000000000082285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98d54f95fe6f253d2021-12-17 11:28:14.067root 11241100x800000000000000082286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6ae387fc61f8bbe2021-12-17 11:28:14.067root 11241100x800000000000000082287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c5b776d057260852021-12-17 11:28:14.067root 11241100x800000000000000082288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.067{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.466627e338db906b2021-12-17 11:28:14.067root 11241100x800000000000000082289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efe3095a583c5b8c2021-12-17 11:28:14.068root 11241100x800000000000000082290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c448fb9b2c8bfb452021-12-17 11:28:14.068root 11241100x800000000000000082291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a344945631a5a1cf2021-12-17 11:28:14.068root 11241100x800000000000000082292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be3e45c1f75262242021-12-17 11:28:14.068root 11241100x800000000000000082293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.068{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf8f9c628ead19732021-12-17 11:28:14.068root 11241100x800000000000000082294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e41abf1a8c00bfe2021-12-17 11:28:14.069root 11241100x800000000000000082295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2aca6254636bf972021-12-17 11:28:14.069root 11241100x800000000000000082296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9545ad959f8022c12021-12-17 11:28:14.069root 11241100x800000000000000082297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d1494e98f552ce62021-12-17 11:28:14.069root 11241100x800000000000000082298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.069{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6637a28fc87010e82021-12-17 11:28:14.069root 11241100x800000000000000082299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.424058bff05c83ee2021-12-17 11:28:14.070root 11241100x800000000000000082300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9ab81dfbad1c38b2021-12-17 11:28:14.070root 11241100x800000000000000082301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfd185ab03b93cd42021-12-17 11:28:14.070root 11241100x800000000000000082302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.070{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.088ca901788946902021-12-17 11:28:14.070root 11241100x800000000000000082303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b78dba4d276b7052021-12-17 11:28:14.071root 11241100x800000000000000082304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61815e1c80559e572021-12-17 11:28:14.071root 11241100x800000000000000082305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a09b3c31eb6215432021-12-17 11:28:14.071root 11241100x800000000000000082306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.071{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec939e61894147372021-12-17 11:28:14.071root 11241100x800000000000000082307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f9278d3db95fe532021-12-17 11:28:14.072root 11241100x800000000000000082308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d81ef07afa1daf52021-12-17 11:28:14.072root 11241100x800000000000000082309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.613e2179eea355e32021-12-17 11:28:14.072root 11241100x800000000000000082310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.072{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.917097db75ab46e32021-12-17 11:28:14.072root 11241100x800000000000000082311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eec1ce2c5b1e54512021-12-17 11:28:14.073root 11241100x800000000000000082312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b645ec050c81ea772021-12-17 11:28:14.073root 11241100x800000000000000082313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a18da17e7020efb2021-12-17 11:28:14.073root 11241100x800000000000000082314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ed3f033f241d8aa2021-12-17 11:28:14.073root 11241100x800000000000000082315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eac03efbd541ce6e2021-12-17 11:28:14.073root 11241100x800000000000000082316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.073{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4128849218b282d22021-12-17 11:28:14.073root 11241100x800000000000000082317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2295db383540eb82021-12-17 11:28:14.074root 11241100x800000000000000082318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef4434d1ffd9abde2021-12-17 11:28:14.074root 11241100x800000000000000082319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b03f4fe93c55da792021-12-17 11:28:14.074root 11241100x800000000000000082320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f992e0910bef7a4d2021-12-17 11:28:14.074root 11241100x800000000000000082321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8af57ad36b565e9b2021-12-17 11:28:14.074root 11241100x800000000000000082322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f5cb401e002e3be2021-12-17 11:28:14.074root 11241100x800000000000000082323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4da14bf5cddbff042021-12-17 11:28:14.074root 11241100x800000000000000082324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16e5e7c635ae1d9a2021-12-17 11:28:14.074root 11241100x800000000000000082325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e66053bb2a14ece52021-12-17 11:28:14.074root 11241100x800000000000000082326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.180d36a53defffae2021-12-17 11:28:14.074root 11241100x800000000000000082327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.074{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2ca7dc7d1f6ec9d2021-12-17 11:28:14.074root 11241100x800000000000000082328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f30e93adcf9de142021-12-17 11:28:14.075root 11241100x800000000000000082329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbdc6569e15c03d12021-12-17 11:28:14.075root 11241100x800000000000000082330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39d87f572dee66c92021-12-17 11:28:14.075root 11241100x800000000000000082331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6a6d560359984902021-12-17 11:28:14.075root 11241100x800000000000000082332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c34d688b8e87f1052021-12-17 11:28:14.075root 11241100x800000000000000082333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bf237be53086bbf2021-12-17 11:28:14.075root 11241100x800000000000000082334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9217339ea6ceadf32021-12-17 11:28:14.075root 11241100x800000000000000082335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8ae95c5f55598072021-12-17 11:28:14.075root 11241100x800000000000000082336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.075{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5d6146002ecc1262021-12-17 11:28:14.075root 11241100x800000000000000082337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c19bf837a6465e72021-12-17 11:28:14.076root 11241100x800000000000000082338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.822b762e4d86e8612021-12-17 11:28:14.076root 11241100x800000000000000082339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68ad29f225eba5fb2021-12-17 11:28:14.076root 11241100x800000000000000082340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b95d74763bd82cc92021-12-17 11:28:14.076root 11241100x800000000000000082341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86c50356f17658f82021-12-17 11:28:14.076root 11241100x800000000000000082342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67445336108147d42021-12-17 11:28:14.076root 11241100x800000000000000082343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61475716f69c81642021-12-17 11:28:14.076root 11241100x800000000000000082344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89462e930ca41dd42021-12-17 11:28:14.076root 11241100x800000000000000082345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91a9c3f8529731d02021-12-17 11:28:14.076root 11241100x800000000000000082346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.309614f7c6f31b4f2021-12-17 11:28:14.076root 11241100x800000000000000082347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.357d50c3451bca862021-12-17 11:28:14.076root 11241100x800000000000000082348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c59de64d5e0bd42b2021-12-17 11:28:14.076root 11241100x800000000000000082349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.076{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b3806808de8e06e2021-12-17 11:28:14.076root 11241100x800000000000000082350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.019a71b6144d4faa2021-12-17 11:28:14.077root 11241100x800000000000000082351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ea06dfe2074fe5c2021-12-17 11:28:14.077root 11241100x800000000000000082352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c08bc63c302ebf9a2021-12-17 11:28:14.077root 11241100x800000000000000082353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.777d9fefd1a70f352021-12-17 11:28:14.077root 11241100x800000000000000082354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0165d9ea4dd6db462021-12-17 11:28:14.077root 11241100x800000000000000082355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a2206d1ccc46ef82021-12-17 11:28:14.077root 11241100x800000000000000082356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dfc70893a623c182021-12-17 11:28:14.077root 11241100x800000000000000082357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d4543c2701daed62021-12-17 11:28:14.077root 11241100x800000000000000082358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64266cae331256552021-12-17 11:28:14.077root 11241100x800000000000000082359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.077{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf75488a4fad6be52021-12-17 11:28:14.077root 11241100x800000000000000082360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5edab6733746f3c2021-12-17 11:28:14.078root 11241100x800000000000000082361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a41accd02718fbd2021-12-17 11:28:14.078root 11241100x800000000000000082362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.385bf9e922bd0a092021-12-17 11:28:14.078root 11241100x800000000000000082363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1948738117478be52021-12-17 11:28:14.078root 11241100x800000000000000082364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89b02e468cfed3ff2021-12-17 11:28:14.078root 11241100x800000000000000082365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aee60e59c4ab14442021-12-17 11:28:14.078root 11241100x800000000000000082366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60fc19b6e7a392212021-12-17 11:28:14.078root 11241100x800000000000000082367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7313bd9ca2bdb38d2021-12-17 11:28:14.078root 11241100x800000000000000082368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.078{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e82da9ba288eb562021-12-17 11:28:14.078root 11241100x800000000000000082369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.079{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ff590f93d1daa992021-12-17 11:28:14.079root 11241100x800000000000000082370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.079{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8aff778f50af2912021-12-17 11:28:14.079root 11241100x800000000000000082371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.079{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5d189de87b8a7452021-12-17 11:28:14.079root 11241100x800000000000000082372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.079{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48777386facc377a2021-12-17 11:28:14.079root 11241100x800000000000000082373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.079{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96c324e2ed93efb42021-12-17 11:28:14.079root 11241100x800000000000000082374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.079{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc69234cf37f3db22021-12-17 11:28:14.079root 11241100x800000000000000082375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.079{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4396223785022c82021-12-17 11:28:14.079root 11241100x800000000000000082376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.079{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97426e2199f901132021-12-17 11:28:14.079root 11241100x800000000000000082377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.079{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5268ef6e6c8390342021-12-17 11:28:14.079root 11241100x800000000000000082378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.079{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99149af296d2b3cb2021-12-17 11:28:14.079root 11241100x800000000000000082379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.080{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6f012261958ca892021-12-17 11:28:14.080root 11241100x800000000000000082380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.080{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2bf5d2421b906af2021-12-17 11:28:14.080root 11241100x800000000000000082381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.080{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d11dcce7c51eee682021-12-17 11:28:14.080root 11241100x800000000000000082382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.080{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6cbbde1d687b7eb2021-12-17 11:28:14.080root 11241100x800000000000000082383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.080{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c33471f137e079012021-12-17 11:28:14.080root 11241100x800000000000000082384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.080{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2b6d673268f3af02021-12-17 11:28:14.080root 11241100x800000000000000082385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.081{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc7474b08404b3052021-12-17 11:28:14.081root 11241100x800000000000000082386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.081{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2216aafefae482ac2021-12-17 11:28:14.081root 11241100x800000000000000082387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.081{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fee80580817c7b22021-12-17 11:28:14.081root 11241100x800000000000000082388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.081{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.103c9402e86a5a002021-12-17 11:28:14.081root 11241100x800000000000000082389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.081{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd941a66227b41af2021-12-17 11:28:14.081root 11241100x800000000000000082390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.082{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.affa71a6b74b2a3e2021-12-17 11:28:14.082root 11241100x800000000000000082391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.082{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1ccb85144a54ea42021-12-17 11:28:14.082root 11241100x800000000000000082392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.082{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b64c0675763772182021-12-17 11:28:14.082root 11241100x800000000000000082393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.082{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6ead24c717768862021-12-17 11:28:14.082root 11241100x800000000000000082394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.082{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c27553d827a21db2021-12-17 11:28:14.082root 11241100x800000000000000082395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.082{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1331087a5064b7922021-12-17 11:28:14.082root 11241100x800000000000000082396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.082{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17d65ed3a53c38792021-12-17 11:28:14.082root 11241100x800000000000000082397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.082{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42d603e4e924f50e2021-12-17 11:28:14.082root 11241100x800000000000000082398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.082{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.673dcb0bd3dd3c8b2021-12-17 11:28:14.082root 11241100x800000000000000082399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.082{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa1efdfdd9330f082021-12-17 11:28:14.082root 11241100x800000000000000082400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bf17d862e569e7f2021-12-17 11:28:14.083root 11241100x800000000000000082401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d4c997fe853aa0c2021-12-17 11:28:14.083root 11241100x800000000000000082402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c34cfce1c8153a172021-12-17 11:28:14.083root 11241100x800000000000000082403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f1d5e53fd25f3db2021-12-17 11:28:14.083root 11241100x800000000000000082404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb646b6f022f652a2021-12-17 11:28:14.083root 11241100x800000000000000082405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82b458b2c5997bde2021-12-17 11:28:14.083root 11241100x800000000000000082406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8824d139917bae62021-12-17 11:28:14.083root 11241100x800000000000000082407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0f28e50e026d7982021-12-17 11:28:14.083root 11241100x800000000000000082408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41d7c74cbc6ccdc42021-12-17 11:28:14.083root 11241100x800000000000000082409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09502392abf8a2302021-12-17 11:28:14.083root 11241100x800000000000000082410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fbb7ce154ce9fb22021-12-17 11:28:14.083root 11241100x800000000000000082411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.addf40189f7a8aee2021-12-17 11:28:14.083root 11241100x800000000000000082412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bab9278c8c8e45672021-12-17 11:28:14.083root 11241100x800000000000000082413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7532026c01e355662021-12-17 11:28:14.083root 11241100x800000000000000082414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.083{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.287e99f2d417ef632021-12-17 11:28:14.083root 11241100x800000000000000082415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.084{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd26a410b216ff6f2021-12-17 11:28:14.084root 11241100x800000000000000082416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.084{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6953ce5b9a21bf22021-12-17 11:28:14.084root 11241100x800000000000000082417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.084{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cc3202b96ca48202021-12-17 11:28:14.084root 11241100x800000000000000082418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.084{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e801fbeeea91f79c2021-12-17 11:28:14.084root 11241100x800000000000000082419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.084{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ceb9beec70fa8c592021-12-17 11:28:14.084root 11241100x800000000000000082420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.084{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eb8fe4bd41d8cc32021-12-17 11:28:14.084root 11241100x800000000000000082421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.084{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7697c66943da8fa72021-12-17 11:28:14.084root 11241100x800000000000000082422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.084{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12bf4a2abd85011f2021-12-17 11:28:14.084root 11241100x800000000000000082423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.084{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff6ccd271cf9b4ed2021-12-17 11:28:14.084root 11241100x800000000000000082424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d14996af8cdd08c52021-12-17 11:28:14.558root 11241100x800000000000000082425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bced12b8785461c2021-12-17 11:28:14.558root 11241100x800000000000000082426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69dee9d2dbb02e222021-12-17 11:28:14.558root 11241100x800000000000000082427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b7c8dc8c6a139f82021-12-17 11:28:14.558root 11241100x800000000000000082428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d581fda67800ecb2021-12-17 11:28:14.558root 11241100x800000000000000082429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4b17ea06e4e00a02021-12-17 11:28:14.558root 11241100x800000000000000082430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef54185aa630d5222021-12-17 11:28:14.558root 11241100x800000000000000082431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f0074cf52319cef2021-12-17 11:28:14.559root 11241100x800000000000000082432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcdbdc9f8c859e4b2021-12-17 11:28:14.559root 11241100x800000000000000082433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba21a257108518362021-12-17 11:28:14.559root 11241100x800000000000000082434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b27d42ed71f6bd972021-12-17 11:28:14.559root 11241100x800000000000000082435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.013fdfa8754a9d382021-12-17 11:28:14.559root 11241100x800000000000000082436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.366bcb7753bb22a52021-12-17 11:28:14.559root 11241100x800000000000000082437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.362e584fe048f1bd2021-12-17 11:28:14.559root 11241100x800000000000000082438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d14694c11b38a6062021-12-17 11:28:14.559root 11241100x800000000000000082439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af8fb8e03f9a42732021-12-17 11:28:14.559root 11241100x800000000000000082440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.182a05e9ce2bc0b02021-12-17 11:28:14.559root 11241100x800000000000000082441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b5dfc3a1c841b462021-12-17 11:28:14.560root 11241100x800000000000000082442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2904e920269f445a2021-12-17 11:28:14.560root 11241100x800000000000000082443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b94e1806eda44602021-12-17 11:28:14.560root 11241100x800000000000000082444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76d56d2db2df42022021-12-17 11:28:14.560root 11241100x800000000000000082445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1c1fbd858f6c5a72021-12-17 11:28:14.560root 11241100x800000000000000082446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.244b54cc9497eead2021-12-17 11:28:14.561root 11241100x800000000000000082447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edb224e75fc9d2f02021-12-17 11:28:14.561root 11241100x800000000000000082448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dca0de220fb85bc62021-12-17 11:28:14.561root 11241100x800000000000000082449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d508add527c3a78c2021-12-17 11:28:14.561root 11241100x800000000000000082450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a2400de8fee6bec2021-12-17 11:28:14.561root 11241100x800000000000000082451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3efa0f8e6ceaa1592021-12-17 11:28:14.561root 11241100x800000000000000082452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c4a2282dbe121f22021-12-17 11:28:14.561root 11241100x800000000000000082453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08bf78877b516e672021-12-17 11:28:14.561root 11241100x800000000000000082454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6fb502fdd9bb8512021-12-17 11:28:14.562root 11241100x800000000000000082455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca15e4c04ca345bc2021-12-17 11:28:14.562root 11241100x800000000000000082456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff9ae37f218d08aa2021-12-17 11:28:14.562root 11241100x800000000000000082457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f38a1b2f1f777f52021-12-17 11:28:14.562root 11241100x800000000000000082458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f7858925bdccedc2021-12-17 11:28:14.562root 11241100x800000000000000082459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8956b82512894b152021-12-17 11:28:14.562root 11241100x800000000000000082460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c44f4049f8f0bf792021-12-17 11:28:14.562root 11241100x800000000000000082461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.650a819acc104fe92021-12-17 11:28:14.562root 11241100x800000000000000082462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d198f530a0b5d4eb2021-12-17 11:28:14.563root 11241100x800000000000000082463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6788b60d1f9e8a1c2021-12-17 11:28:14.564root 11241100x800000000000000082464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7729743b56fabc3f2021-12-17 11:28:14.564root 11241100x800000000000000082465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e297539f971777e42021-12-17 11:28:14.565root 11241100x800000000000000082466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adfbad79b734901a2021-12-17 11:28:14.565root 11241100x800000000000000082467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a70722e4bd9e7ca62021-12-17 11:28:14.565root 11241100x800000000000000082468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be97ed11d68fd8232021-12-17 11:28:14.565root 11241100x800000000000000082469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.888d3da383cd1f902021-12-17 11:28:14.565root 11241100x800000000000000082470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d34db8f8626391cf2021-12-17 11:28:14.565root 11241100x800000000000000082471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e830e01edd28733d2021-12-17 11:28:14.565root 11241100x800000000000000082472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.526cead0ef78a2d22021-12-17 11:28:14.565root 11241100x800000000000000082473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34678cd1843263582021-12-17 11:28:14.565root 11241100x800000000000000082474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.430fef5ffc6f5ebd2021-12-17 11:28:14.565root 11241100x800000000000000082475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2050a81172022f072021-12-17 11:28:14.566root 11241100x800000000000000082476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1c7d095b393feb02021-12-17 11:28:14.566root 11241100x800000000000000082477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b30ff5395078a3d82021-12-17 11:28:14.566root 11241100x800000000000000082478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e26c1f42d686ce2021-12-17 11:28:14.566root 11241100x800000000000000082479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.564e4b612b18df292021-12-17 11:28:14.566root 11241100x800000000000000082480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16fa6a663b700e092021-12-17 11:28:14.566root 11241100x800000000000000082481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.608d690f7c299f622021-12-17 11:28:14.566root 11241100x800000000000000082482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a959e015f051aa12021-12-17 11:28:14.566root 11241100x800000000000000082483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2574f804246943152021-12-17 11:28:14.566root 11241100x800000000000000082484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.795a6f8d20d8a4612021-12-17 11:28:14.566root 11241100x800000000000000082485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61d2baf00f345d7f2021-12-17 11:28:14.567root 11241100x800000000000000082486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d10df11740fc7c752021-12-17 11:28:14.567root 11241100x800000000000000082487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b13e287a35a06002021-12-17 11:28:14.567root 11241100x800000000000000082488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.778b528278cb6b6c2021-12-17 11:28:14.567root 11241100x800000000000000082489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e7c9fe58d28a84a2021-12-17 11:28:14.567root 11241100x800000000000000082490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44350b9485ce792e2021-12-17 11:28:14.567root 11241100x800000000000000082491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.105601b86f20b9712021-12-17 11:28:14.567root 11241100x800000000000000082492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.726da8f78610b3f92021-12-17 11:28:14.567root 11241100x800000000000000082493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af9df457e1fbef142021-12-17 11:28:14.567root 11241100x800000000000000082494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d03caf318661514d2021-12-17 11:28:14.567root 11241100x800000000000000082495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce3a6f38aeea94132021-12-17 11:28:14.567root 11241100x800000000000000082496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dfe3f93e98be3782021-12-17 11:28:14.567root 11241100x800000000000000082497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.567{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dab8d14aafb7f7b62021-12-17 11:28:14.567root 11241100x800000000000000082498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66161f23158293602021-12-17 11:28:14.568root 11241100x800000000000000082499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62cba2491e1a0b272021-12-17 11:28:14.568root 11241100x800000000000000082500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a620ee3004a62f932021-12-17 11:28:14.568root 11241100x800000000000000082501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9634322e0caba1692021-12-17 11:28:14.568root 11241100x800000000000000082502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75e28622900318902021-12-17 11:28:14.568root 11241100x800000000000000082503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af73d4209ab95a002021-12-17 11:28:14.568root 11241100x800000000000000082504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99ba145b0aba49e52021-12-17 11:28:14.568root 11241100x800000000000000082505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b08cfb8c690f51fc2021-12-17 11:28:14.568root 11241100x800000000000000082506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc70bd3ef9a77b512021-12-17 11:28:14.568root 11241100x800000000000000082507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51f6f980623b535c2021-12-17 11:28:14.568root 11241100x800000000000000082508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d20f568aad4a2e52021-12-17 11:28:14.568root 11241100x800000000000000082509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fea83a7c443a2142021-12-17 11:28:14.568root 11241100x800000000000000082510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a35625f8c150195b2021-12-17 11:28:14.568root 11241100x800000000000000082511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f53487573c6ec9e82021-12-17 11:28:14.568root 11241100x800000000000000082512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.568{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4f9e059fed79f242021-12-17 11:28:14.568root 11241100x800000000000000082513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d497d4847b945292021-12-17 11:28:14.569root 11241100x800000000000000082514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc290d944c1eb2202021-12-17 11:28:14.569root 11241100x800000000000000082515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.104d0b94131b06ee2021-12-17 11:28:14.569root 11241100x800000000000000082516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65c45d7c8c88dbd62021-12-17 11:28:14.569root 11241100x800000000000000082517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb0f767173792c872021-12-17 11:28:14.569root 11241100x800000000000000082518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cff3634adbfe2552021-12-17 11:28:14.569root 11241100x800000000000000082519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab0d6e56475d7fea2021-12-17 11:28:14.569root 11241100x800000000000000082520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e28a3fa9890d6c62021-12-17 11:28:14.569root 11241100x800000000000000082521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9df97a97bf568ea2021-12-17 11:28:14.569root 11241100x800000000000000082522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b655875094a1e882021-12-17 11:28:14.569root 11241100x800000000000000082523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a17b99d381fe47f22021-12-17 11:28:14.569root 11241100x800000000000000082524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ec55a48b10baec62021-12-17 11:28:14.569root 11241100x800000000000000082525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c15f2fd9c764bc172021-12-17 11:28:14.569root 11241100x800000000000000082526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2aa97446b2d0fa02021-12-17 11:28:14.569root 11241100x800000000000000082527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c51734dce637145f2021-12-17 11:28:14.569root 11241100x800000000000000082528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.569{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61486888a969c72e2021-12-17 11:28:14.569root 11241100x800000000000000082529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fd1099768668eda2021-12-17 11:28:14.570root 11241100x800000000000000082530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c43b2bfc7a1396f32021-12-17 11:28:14.570root 11241100x800000000000000082531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da28c221db0b820c2021-12-17 11:28:14.570root 11241100x800000000000000082532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e773b2512a3a29012021-12-17 11:28:14.570root 11241100x800000000000000082533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:14.570{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d725ba96f72c19a2021-12-17 11:28:14.570root 11241100x800000000000000082534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:15.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04fa781cfde691d32021-12-17 11:28:15.056root 11241100x800000000000000082535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:15.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b44000ca7a485bd72021-12-17 11:28:15.056root 11241100x800000000000000082536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8310efbb103d845a2021-12-17 11:28:15.057root 11241100x800000000000000082537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8456f063319617e2021-12-17 11:28:15.057root 354300x800000000000000082594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:26.085{ec28ba6a-70a3-61bc-5175-3a0400000000}5248/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-42968-false10.0.1.12-8000- 11241100x800000000000000082595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:26.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b60dfe773282b8e2021-12-17 11:28:26.556root 11241100x800000000000000082596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:27.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c79d38d3f32bcef2021-12-17 11:28:27.056root 11241100x800000000000000082597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:27.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aef1aec4d0b001312021-12-17 11:28:27.556root 11241100x800000000000000082598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:28.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecb5d82ee9a4290b2021-12-17 11:28:28.056root 11241100x800000000000000082599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:28.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bbe539c2ba0d5392021-12-17 11:28:28.556root 11241100x800000000000000082600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:29.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9bfabc97f3fe8522021-12-17 11:28:29.056root 11241100x800000000000000082601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:29.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58fbc4ebccaec4012021-12-17 11:28:29.556root 11241100x800000000000000082602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:30.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca576f37371284452021-12-17 11:28:30.056root 11241100x800000000000000082603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:30.188{ec28ba6a-709b-61bc-30d8-78dfe0550000}5175/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2021-12-17 11:28:30.188root 354300x800000000000000082604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:30.267{ec28ba6a-709b-61bc-30d8-78dfe0550000}5175/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.25-40116-false10.0.1.12-8089- 11241100x800000000000000082605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:30.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53b5a0116f88986f2021-12-17 11:28:30.556root 11241100x800000000000000082606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:30.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aea8c3174239ffe02021-12-17 11:28:30.556root 11241100x800000000000000082607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:30.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8053a17ceef43912021-12-17 11:28:30.556root 11241100x800000000000000082608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:31.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30c6697cac58b4f72021-12-17 11:28:31.056root 11241100x800000000000000082609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:31.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.274daf4b2effab9a2021-12-17 11:28:31.056root 11241100x800000000000000082610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:31.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbceaaec74632f992021-12-17 11:28:31.056root 11241100x800000000000000082611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:31.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9336031a5a9ddc872021-12-17 11:28:31.556root 11241100x800000000000000082612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:31.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8f8144540f8d2642021-12-17 11:28:31.556root 11241100x800000000000000082613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:31.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36f176dd978de0fd2021-12-17 11:28:31.556root 11241100x800000000000000082614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:32.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84793a0db7b432372021-12-17 11:28:32.056root 11241100x800000000000000082615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:32.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76e9319a893deb522021-12-17 11:28:32.056root 11241100x800000000000000082616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:32.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74f2b535f8b116a32021-12-17 11:28:32.056root 354300x800000000000000082617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:32.060{ec28ba6a-70a3-61bc-5175-3a0400000000}5248/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-42972-false10.0.1.12-8000- 11241100x800000000000000082618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:32.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.171d93df7813501f2021-12-17 11:28:32.556root 11241100x800000000000000082619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:32.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2257d897bb3ad202021-12-17 11:28:32.556root 11241100x800000000000000082620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:32.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98c2225e1931c0542021-12-17 11:28:32.557root 11241100x800000000000000082621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:32.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0cb1edaa0e3bb7b2021-12-17 11:28:32.557root 534500x800000000000000082622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:32.560{ec28ba6a-6d55-61bc-c85a-314532560000}466/lib/systemd/systemd-journaldroot 534500x800000000000000082623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:32.593{ec28ba6a-6d55-61bc-c85a-314532560000}466/lib/systemd/systemd-journaldroot 11241100x800000000000000082624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09287e99342814272021-12-17 11:28:33.056root 11241100x800000000000000082625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8af66cbd0018d222021-12-17 11:28:33.056root 11241100x800000000000000082626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f2aaac5c816ffc82021-12-17 11:28:33.056root 11241100x800000000000000082627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e11e54f3c05b607a2021-12-17 11:28:33.057root 11241100x800000000000000082628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6434c1a8f6bb9f112021-12-17 11:28:33.057root 11241100x800000000000000082629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91ea135a979f23b32021-12-17 11:28:33.057root 23542300x800000000000000082630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.190{ec28ba6a-709b-61bc-30d8-78dfe0550000}5175root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 354300x800000000000000082631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.458{ec28ba6a-6d58-61bc-9075-f09bb2550000}694/lib/systemd/systemd-networkd-udptruefalse10.0.1.25-68-false10.0.1.1-67- 11241100x800000000000000082632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.458{ec28ba6a-6d58-61bc-9075-f09bb2550000}694/lib/systemd/systemd-networkd/run/systemd/netif/systemd/netif/.#state2HHth82021-12-17 11:28:33.458systemd-network 11241100x800000000000000082633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.459{ec28ba6a-6d58-61bc-9075-f09bb2550000}694/lib/systemd/systemd-networkd/run/systemd/netif/systemd/netif/links/.#24EiV2Y2021-12-17 11:28:33.459systemd-network 11241100x800000000000000082634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.459{ec28ba6a-6d58-61bc-9075-f09bb2550000}694/lib/systemd/systemd-networkd/run/systemd/netif/systemd/netif/leases/.#20IpnOP2021-12-17 11:28:33.459systemd-network 534500x800000000000000082635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.458{ec28ba6a-6d58-61bc-9075-f09bb2550000}694/lib/systemd/systemd-networkdsystemd-network 11241100x800000000000000082636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.459{ec28ba6a-6d58-61bc-9075-f09bb2550000}694/lib/systemd/systemd-networkd/run/systemd/netif/systemd/netif/.#statecz1SzG2021-12-17 11:28:33.459systemd-network 11241100x800000000000000082637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.459{ec28ba6a-6d58-61bc-9075-f09bb2550000}694/lib/systemd/systemd-networkd/run/systemd/netif/systemd/netif/links/.#22Idplx2021-12-17 11:28:33.459systemd-network 11241100x800000000000000082638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.459{ec28ba6a-6d58-61bc-9075-f09bb2550000}694/lib/systemd/systemd-networkd/run/systemd/netif/systemd/netif/leases/.#2QgNV6n2021-12-17 11:28:33.459systemd-network 354300x800000000000000082639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.460{ec28ba6a-6d56-61bc-70d6-7e2e32560000}564/lib/systemd/systemd-timesyncdsystemd-timesyncudptruefalse10.0.1.25-57637-false169.254.169.123-123- 11241100x800000000000000082640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.460{ec28ba6a-6d68-61bc-c067-fb0d4e560000}2524/lib/systemd/systemd-resolved/run/systemd/resolve/systemd/resolve/.#resolv.conf0MIzMI2021-12-17 11:28:33.460systemd-resolve 11241100x800000000000000082641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.460{ec28ba6a-6d68-61bc-c067-fb0d4e560000}2524/lib/systemd/systemd-resolved/run/systemd/resolve/systemd/resolve/.#stub-resolv.confyiqiyz2021-12-17 11:28:33.460systemd-resolve 11241100x800000000000000082642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.460{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a25f55eeebc726b32021-12-17 11:28:33.460root 11241100x800000000000000082643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.461{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c2cf486446941762021-12-17 11:28:33.461root 11241100x800000000000000082644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.461{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e91349b70f081042021-12-17 11:28:33.461root 11241100x800000000000000082645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.461{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f82a6abc633aa4542021-12-17 11:28:33.461root 11241100x800000000000000082646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.461{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.049ac8ba72a3bc6f2021-12-17 11:28:33.461root 11241100x800000000000000082647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.461{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c58f2e639ab2ca022021-12-17 11:28:33.461root 11241100x800000000000000082648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.461{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f47fb7bc8a1604652021-12-17 11:28:33.461root 11241100x800000000000000082649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.461{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be2d583c4f9425d72021-12-17 11:28:33.461root 11241100x800000000000000082650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.461{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.854183f930fd32e02021-12-17 11:28:33.461root 11241100x800000000000000082651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.806{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46d4d51cdc63fb912021-12-17 11:28:33.806root 11241100x800000000000000082652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62cede24a71291952021-12-17 11:28:33.807root 11241100x800000000000000082653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6525566491f46efe2021-12-17 11:28:33.807root 11241100x800000000000000082654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b281dd7b13678c8f2021-12-17 11:28:33.807root 11241100x800000000000000082655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.866e4b224ac773f42021-12-17 11:28:33.807root 11241100x800000000000000082656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90cbb6f891d719452021-12-17 11:28:33.808root 11241100x800000000000000082657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f1763bda186856b2021-12-17 11:28:33.808root 11241100x800000000000000082658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.494ca32ab88b46e02021-12-17 11:28:33.808root 11241100x800000000000000082659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67b90ee239cc240e2021-12-17 11:28:33.808root 11241100x800000000000000082660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c8e64da7dea20722021-12-17 11:28:33.808root 11241100x800000000000000082661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd8246ead298583e2021-12-17 11:28:33.808root 11241100x800000000000000082662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.809{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c84e20b01fc1a91d2021-12-17 11:28:33.809root 11241100x800000000000000082663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.809{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f6a074170dcd8002021-12-17 11:28:33.809root 11241100x800000000000000082664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.809{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa17707e7a0207ea2021-12-17 11:28:33.809root 11241100x800000000000000082665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.809{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c3646312d8b9e3b2021-12-17 11:28:33.809root 11241100x800000000000000082666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.809{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df0511d4579294172021-12-17 11:28:33.809root 11241100x800000000000000082667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.809{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cee0e57ba3bd0ee2021-12-17 11:28:33.809root 11241100x800000000000000082668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:33.809{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c11d450500683f02021-12-17 11:28:33.809root 11241100x800000000000000082669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a816641e34261b922021-12-17 11:28:34.307root 11241100x800000000000000082670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4f4e28a331d6f692021-12-17 11:28:34.307root 11241100x800000000000000082671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00ed2aed5e85cf832021-12-17 11:28:34.307root 11241100x800000000000000082672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aee73ca27935667c2021-12-17 11:28:34.307root 11241100x800000000000000082673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f26b7b0d06585d22021-12-17 11:28:34.307root 11241100x800000000000000082674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2a7ae49203c39912021-12-17 11:28:34.307root 11241100x800000000000000082675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b3bb9719a4457bd2021-12-17 11:28:34.307root 11241100x800000000000000082676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad488674651088802021-12-17 11:28:34.308root 11241100x800000000000000082677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a5eb2c1f12b0c8f2021-12-17 11:28:34.308root 11241100x800000000000000082678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1e2311051fd12702021-12-17 11:28:34.308root 11241100x800000000000000082679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b69de213d5280532021-12-17 11:28:34.308root 11241100x800000000000000082680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdacb8c328cfb3de2021-12-17 11:28:34.308root 11241100x800000000000000082681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49391efdc7587b7b2021-12-17 11:28:34.308root 11241100x800000000000000082682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.992149c1ec51b4412021-12-17 11:28:34.308root 11241100x800000000000000082683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30004081eeb3bc392021-12-17 11:28:34.308root 11241100x800000000000000082684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.309{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e725f6d3536b1cd2021-12-17 11:28:34.309root 11241100x800000000000000082685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.309{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a626cdf9904930532021-12-17 11:28:34.309root 11241100x800000000000000082686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.309{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.200d82d95f6aab6e2021-12-17 11:28:34.309root 11241100x800000000000000082687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.806{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47e9073b9f74bcce2021-12-17 11:28:34.806root 11241100x800000000000000082688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bacb145b44b7a58e2021-12-17 11:28:34.807root 11241100x800000000000000082689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ada03236be61a4a12021-12-17 11:28:34.807root 11241100x800000000000000082690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6455319047d2b542021-12-17 11:28:34.807root 11241100x800000000000000082691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41e5150ec0b932de2021-12-17 11:28:34.807root 11241100x800000000000000082692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60f1a1786087a6e02021-12-17 11:28:34.807root 11241100x800000000000000082693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5af057cfa3b10b002021-12-17 11:28:34.807root 11241100x800000000000000082694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a785692b0cd16d52021-12-17 11:28:34.807root 11241100x800000000000000082695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75a73721df49929a2021-12-17 11:28:34.807root 11241100x800000000000000082696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c079a2009759ca482021-12-17 11:28:34.807root 11241100x800000000000000082697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67eed83a8a0766fe2021-12-17 11:28:34.807root 11241100x800000000000000082698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85da43a246008e9a2021-12-17 11:28:34.807root 11241100x800000000000000082699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1be82e9227057d612021-12-17 11:28:34.807root 11241100x800000000000000082700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3622881b91ac0c2f2021-12-17 11:28:34.807root 11241100x800000000000000082701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.489cf1a26a2555522021-12-17 11:28:34.807root 11241100x800000000000000082702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9db76b643d29b88c2021-12-17 11:28:34.807root 11241100x800000000000000082703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84c691fb6252d7d92021-12-17 11:28:34.808root 11241100x800000000000000082704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:34.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee033585233e91342021-12-17 11:28:34.808root 11241100x800000000000000082705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed30fd117ae5eb4e2021-12-17 11:28:35.307root 11241100x800000000000000082706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1c4e72fc4301f152021-12-17 11:28:35.307root 11241100x800000000000000082707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69e48fc7d1a357322021-12-17 11:28:35.307root 11241100x800000000000000082708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8ee571d33b9fbfa2021-12-17 11:28:35.307root 11241100x800000000000000082709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.036848609f1c6e192021-12-17 11:28:35.307root 11241100x800000000000000082710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28b527b40bbb60152021-12-17 11:28:35.307root 11241100x800000000000000082711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cdb292a9d0eea082021-12-17 11:28:35.307root 11241100x800000000000000082712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cca1cd4d7bab7bb12021-12-17 11:28:35.308root 11241100x800000000000000082713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3d657fed51c30b22021-12-17 11:28:35.308root 11241100x800000000000000082714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d0fb1d14f36259a2021-12-17 11:28:35.308root 11241100x800000000000000082715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7baeeefa33ea3662021-12-17 11:28:35.308root 11241100x800000000000000082716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90df0cef2144a4052021-12-17 11:28:35.308root 11241100x800000000000000082717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91dcf6f51060ac782021-12-17 11:28:35.308root 11241100x800000000000000082718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1060912d48abcba02021-12-17 11:28:35.308root 11241100x800000000000000082719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8cf01b41a829f6f2021-12-17 11:28:35.308root 11241100x800000000000000082720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3c9d50e223dcfb22021-12-17 11:28:35.308root 11241100x800000000000000082721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72c2d47284e71c272021-12-17 11:28:35.308root 11241100x800000000000000082722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eadc1bc94c9ddcf22021-12-17 11:28:35.308root 11241100x800000000000000082723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.806{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d369bf5edfe4ef9e2021-12-17 11:28:35.806root 11241100x800000000000000082724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.806{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00f02ceab407bc282021-12-17 11:28:35.806root 11241100x800000000000000082725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.806{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c618890c5289d3d42021-12-17 11:28:35.806root 11241100x800000000000000082726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.806{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd33aeeeb765f5122021-12-17 11:28:35.806root 11241100x800000000000000082727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.806{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a42ad9e999f1d4b2021-12-17 11:28:35.806root 11241100x800000000000000082728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88636a72c798dd6c2021-12-17 11:28:35.807root 11241100x800000000000000082729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5905974c3244ab392021-12-17 11:28:35.807root 11241100x800000000000000082730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2bac148886f21d12021-12-17 11:28:35.807root 11241100x800000000000000082731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18e406db6c78c4d12021-12-17 11:28:35.807root 11241100x800000000000000082732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9134369ede326422021-12-17 11:28:35.807root 11241100x800000000000000082733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.565f05a8ba64dfec2021-12-17 11:28:35.807root 11241100x800000000000000082734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a1784261647d84e2021-12-17 11:28:35.807root 11241100x800000000000000082735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7fab4a73049ddae2021-12-17 11:28:35.807root 11241100x800000000000000082736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e81f5e7979ceee42021-12-17 11:28:35.808root 11241100x800000000000000082737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f4581c25cbc8d822021-12-17 11:28:35.808root 11241100x800000000000000082738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34ea7186b6a240a32021-12-17 11:28:35.808root 11241100x800000000000000082739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ac41a21e3daa5ab2021-12-17 11:28:35.808root 11241100x800000000000000082740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df8291da2f4c73962021-12-17 11:28:35.808root 11241100x800000000000000082741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b8b06df88ace9332021-12-17 11:28:35.808root 11241100x800000000000000082742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:35.809{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b0f6e7199afcf6a2021-12-17 11:28:35.809root 11241100x800000000000000082743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.306{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.109be510c64e57c22021-12-17 11:28:36.306root 11241100x800000000000000082744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.189ad6ec2ac32bdd2021-12-17 11:28:36.307root 11241100x800000000000000082745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfdb01d940033c762021-12-17 11:28:36.307root 11241100x800000000000000082746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a38b614b17cf745e2021-12-17 11:28:36.307root 11241100x800000000000000082747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f9652e2c00ef1712021-12-17 11:28:36.307root 11241100x800000000000000082748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b53becf3536dd1522021-12-17 11:28:36.307root 11241100x800000000000000082749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.307{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81cc59b846e4aeb82021-12-17 11:28:36.307root 11241100x800000000000000082750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c574b9ffe03ec942021-12-17 11:28:36.308root 11241100x800000000000000082751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.086aa6d30189f96f2021-12-17 11:28:36.308root 11241100x800000000000000082752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71f90f4d4c99615d2021-12-17 11:28:36.308root 11241100x800000000000000082753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.331da530f7fa6de02021-12-17 11:28:36.308root 11241100x800000000000000082754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.593eb54d5ef51a042021-12-17 11:28:36.308root 11241100x800000000000000082755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.308{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b0a6d25298d37652021-12-17 11:28:36.308root 11241100x800000000000000082756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.309{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffae091228e317982021-12-17 11:28:36.309root 11241100x800000000000000082757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.309{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af671fa42ecc78f22021-12-17 11:28:36.309root 11241100x800000000000000082758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.309{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.344163c8e769c3122021-12-17 11:28:36.309root 11241100x800000000000000082759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.309{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec061a549d8bcdaa2021-12-17 11:28:36.309root 11241100x800000000000000082760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.309{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.823eb0e27b6b937f2021-12-17 11:28:36.309root 11241100x800000000000000082761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.309{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.983a6e79d0b888be2021-12-17 11:28:36.309root 11241100x800000000000000082762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8919acdba9142e502021-12-17 11:28:36.807root 11241100x800000000000000082763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bc3fec316ee2c612021-12-17 11:28:36.807root 11241100x800000000000000082764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65085618b7e014bc2021-12-17 11:28:36.807root 11241100x800000000000000082765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ee5103be6f23aee2021-12-17 11:28:36.807root 11241100x800000000000000082766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e3206782b0bba9c2021-12-17 11:28:36.807root 11241100x800000000000000082767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62305909497295562021-12-17 11:28:36.807root 11241100x800000000000000082768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a59d8bbedb253972021-12-17 11:28:36.807root 11241100x800000000000000082769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bbd24724bd822972021-12-17 11:28:36.807root 11241100x800000000000000082770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.807{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ab52438a8c7b37f2021-12-17 11:28:36.807root 11241100x800000000000000082771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28ba1aa3e0ee55932021-12-17 11:28:36.808root 11241100x800000000000000082772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3b52be7df62b6472021-12-17 11:28:36.808root 11241100x800000000000000082773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab47f1eefed97c7f2021-12-17 11:28:36.808root 11241100x800000000000000082774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.356007d08c3f25932021-12-17 11:28:36.808root 11241100x800000000000000082775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b85c68b6b34462612021-12-17 11:28:36.808root 11241100x800000000000000082776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c65b25da223097f2021-12-17 11:28:36.808root 11241100x800000000000000082777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.255907e0dcd2e6192021-12-17 11:28:36.808root 11241100x800000000000000082778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.808{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ab9d55463da448e2021-12-17 11:28:36.808root 11241100x800000000000000082779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:36.809{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1c21356a6ecb4452021-12-17 11:28:36.809root 354300x800000000000000082780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.200{ec28ba6a-70a3-61bc-5175-3a0400000000}5248/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-42974-false10.0.1.12-8000- 11241100x800000000000000082781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.201{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97e87e3b6fabb0a92021-12-17 11:28:37.201root 11241100x800000000000000082782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.201{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3364ae6f892dfe3a2021-12-17 11:28:37.201root 11241100x800000000000000082783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.202{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a5a577ac64c46552021-12-17 11:28:37.202root 11241100x800000000000000082784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.202{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccc89fe38bcb505a2021-12-17 11:28:37.202root 11241100x800000000000000082785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.202{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f577ce86123dca3e2021-12-17 11:28:37.202root 11241100x800000000000000082786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.202{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63725b901ca4153d2021-12-17 11:28:37.202root 11241100x800000000000000082787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.202{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32d8eca76249df6f2021-12-17 11:28:37.202root 11241100x800000000000000082788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.202{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93b0cb1bae614b6f2021-12-17 11:28:37.202root 11241100x800000000000000082789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.202{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d1fb332562da53d2021-12-17 11:28:37.202root 11241100x800000000000000082790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.202{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9336ebe7ca211b202021-12-17 11:28:37.202root 11241100x800000000000000082791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.203{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55a1c5c960f715812021-12-17 11:28:37.203root 11241100x800000000000000082792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.203{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2def40531423352a2021-12-17 11:28:37.203root 11241100x800000000000000082793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.203{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cd44d3c29d5b0432021-12-17 11:28:37.203root 11241100x800000000000000082794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.203{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aed81fce436c13932021-12-17 11:28:37.203root 11241100x800000000000000082795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.203{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6b2900bcfb118fd2021-12-17 11:28:37.203root 11241100x800000000000000082796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.203{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68c97fb62bb18e402021-12-17 11:28:37.203root 11241100x800000000000000082797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.203{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c28dd34fefdb7262021-12-17 11:28:37.203root 11241100x800000000000000082798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.203{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d47cdd2f2cccc57a2021-12-17 11:28:37.203root 11241100x800000000000000082799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.203{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ced6e2ba9320b022021-12-17 11:28:37.203root 11241100x800000000000000082800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.203{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5eabfa5a31a3ca762021-12-17 11:28:37.203root 11241100x800000000000000082801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.204{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.889764185e79143c2021-12-17 11:28:37.204root 11241100x800000000000000082802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.204{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e6ef288d37a480a2021-12-17 11:28:37.204root 11241100x800000000000000082803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.204{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef585680fcead4aa2021-12-17 11:28:37.204root 11241100x800000000000000082804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.204{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1329164f4d7c1da22021-12-17 11:28:37.204root 11241100x800000000000000082805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.204{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5139b54c655412f62021-12-17 11:28:37.204root 11241100x800000000000000082806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.204{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c4b07b089fc1d9a2021-12-17 11:28:37.204root 11241100x800000000000000082807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.205{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a63734222eee50e2021-12-17 11:28:37.205root 11241100x800000000000000082808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4b614a7d1bc01a22021-12-17 11:28:37.556root 11241100x800000000000000082809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.348a7383357dd0002021-12-17 11:28:37.557root 11241100x800000000000000082810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.107eab92f10f11002021-12-17 11:28:37.557root 11241100x800000000000000082811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f42d6456188f399f2021-12-17 11:28:37.557root 11241100x800000000000000082812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e8672c7dd6a25072021-12-17 11:28:37.558root 11241100x800000000000000082813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47adf0b5547dc6b32021-12-17 11:28:37.558root 11241100x800000000000000082814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec064d9f55be07c72021-12-17 11:28:37.558root 11241100x800000000000000082815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76b2a22531a321012021-12-17 11:28:37.558root 11241100x800000000000000082816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d52429d0817ce992021-12-17 11:28:37.558root 11241100x800000000000000082817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f496fc65d99e8b9f2021-12-17 11:28:37.558root 11241100x800000000000000082818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec81c9c230e7e6fd2021-12-17 11:28:37.558root 11241100x800000000000000082819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b68dfcc3a74e31e2021-12-17 11:28:37.558root 11241100x800000000000000082820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5793e19c126001732021-12-17 11:28:37.558root 11241100x800000000000000082821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36fff07872eeac292021-12-17 11:28:37.558root 11241100x800000000000000082822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dff6c5b0f9b83aa2021-12-17 11:28:37.558root 11241100x800000000000000082823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cc3decef5b894b42021-12-17 11:28:37.558root 11241100x800000000000000082824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bb2116805a998182021-12-17 11:28:37.558root 11241100x800000000000000082825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7eb0395c3eda76a22021-12-17 11:28:37.558root 11241100x800000000000000082826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:37.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e6c07f875607b282021-12-17 11:28:37.559root 11241100x800000000000000082827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c79de12475ccc6182021-12-17 11:28:38.056root 11241100x800000000000000082828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f8024a07a2fb8442021-12-17 11:28:38.057root 11241100x800000000000000082829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.940e9f60c3dcf6632021-12-17 11:28:38.057root 11241100x800000000000000082830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e698801bacfdc6ab2021-12-17 11:28:38.057root 11241100x800000000000000082831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e95c27cf649fd0f32021-12-17 11:28:38.058root 11241100x800000000000000082832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a596707aeb9889332021-12-17 11:28:38.058root 11241100x800000000000000082833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b273c18ae705bc892021-12-17 11:28:38.058root 11241100x800000000000000082834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed4f09a023bc5e3e2021-12-17 11:28:38.058root 11241100x800000000000000082835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f692bba277b78d272021-12-17 11:28:38.058root 11241100x800000000000000082836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0d7b157fcedf4372021-12-17 11:28:38.058root 11241100x800000000000000082837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ade5f3e849b342e32021-12-17 11:28:38.058root 11241100x800000000000000082838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c921a14b9a5afac92021-12-17 11:28:38.058root 11241100x800000000000000082839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.530b99065bd92a912021-12-17 11:28:38.058root 11241100x800000000000000082840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21ccb048d99ea3912021-12-17 11:28:38.058root 11241100x800000000000000082841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07a0992b6aa30c8d2021-12-17 11:28:38.058root 11241100x800000000000000082842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6185f9c88c416b2f2021-12-17 11:28:38.059root 11241100x800000000000000082843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9574e3b0732bf142021-12-17 11:28:38.059root 11241100x800000000000000082844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.911b50707d3726632021-12-17 11:28:38.059root 11241100x800000000000000082845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea5d3da1a190d8ed2021-12-17 11:28:38.059root 11241100x800000000000000082846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e774fdd8c21815f2021-12-17 11:28:38.557root 11241100x800000000000000082847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2865c10539a31c22021-12-17 11:28:38.557root 11241100x800000000000000082848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bec737da6b1b0f3f2021-12-17 11:28:38.557root 11241100x800000000000000082849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d215a3c519b72ad12021-12-17 11:28:38.557root 11241100x800000000000000082850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6859d5e7c1bc6efe2021-12-17 11:28:38.557root 11241100x800000000000000082851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e46d986f592d919b2021-12-17 11:28:38.557root 11241100x800000000000000082852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b05064b4a8ce44a32021-12-17 11:28:38.557root 11241100x800000000000000082853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df15925cf63ceffb2021-12-17 11:28:38.557root 11241100x800000000000000082854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.991de720557a04f62021-12-17 11:28:38.558root 11241100x800000000000000082855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3182e08df5a916dc2021-12-17 11:28:38.558root 11241100x800000000000000082856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0db740ff763c7b22021-12-17 11:28:38.558root 11241100x800000000000000082857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a66227c6ed3d8f562021-12-17 11:28:38.558root 11241100x800000000000000082858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e432d7934a931682021-12-17 11:28:38.558root 11241100x800000000000000082859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a3d290747f181b12021-12-17 11:28:38.558root 11241100x800000000000000082860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cffb58244a86b712021-12-17 11:28:38.558root 11241100x800000000000000082861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca711184ca4b9b082021-12-17 11:28:38.558root 11241100x800000000000000082862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.998b832961bb41322021-12-17 11:28:38.558root 11241100x800000000000000082863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d0b590b901585f62021-12-17 11:28:38.559root 11241100x800000000000000082864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:38.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4faf30b9af18db022021-12-17 11:28:38.559root 11241100x800000000000000082865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d21e81802f81f6a2021-12-17 11:28:39.057root 11241100x800000000000000082866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cf3c8cf872db08b2021-12-17 11:28:39.057root 11241100x800000000000000082867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17a3f3f59dff2c5d2021-12-17 11:28:39.057root 11241100x800000000000000082868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d4ed5c8917880932021-12-17 11:28:39.057root 11241100x800000000000000082869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84428414a72b4a052021-12-17 11:28:39.057root 11241100x800000000000000082870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4314715d1ea930f52021-12-17 11:28:39.057root 11241100x800000000000000082871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc2a4b55fc82da7e2021-12-17 11:28:39.057root 11241100x800000000000000082872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faecd2b315e658ec2021-12-17 11:28:39.057root 11241100x800000000000000082873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cace28e8551f64b32021-12-17 11:28:39.057root 11241100x800000000000000082874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd307470cc13b0592021-12-17 11:28:39.058root 11241100x800000000000000082875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f76bb25c3ec489172021-12-17 11:28:39.058root 11241100x800000000000000082876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b8dbc19b24014f72021-12-17 11:28:39.058root 11241100x800000000000000082877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.607e07453cb3e62b2021-12-17 11:28:39.058root 11241100x800000000000000082878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d158e1dd004844f2021-12-17 11:28:39.058root 11241100x800000000000000082879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ceb9d33ea71f2af2021-12-17 11:28:39.058root 11241100x800000000000000082880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8314ad8188f38ec2021-12-17 11:28:39.058root 11241100x800000000000000082881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65100fca334681c72021-12-17 11:28:39.058root 11241100x800000000000000082882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.662d5e4f72f393252021-12-17 11:28:39.058root 11241100x800000000000000082883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b8aa718ff213e512021-12-17 11:28:39.059root 11241100x800000000000000082884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.912243a4490aa3ab2021-12-17 11:28:39.556root 11241100x800000000000000082885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5f32bb0e0f263d72021-12-17 11:28:39.557root 11241100x800000000000000082886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.762508abc680876c2021-12-17 11:28:39.557root 11241100x800000000000000082887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d10211411ae048f12021-12-17 11:28:39.557root 11241100x800000000000000082888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea4019cf6fade0d82021-12-17 11:28:39.557root 11241100x800000000000000082889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85ed4d3934fb61892021-12-17 11:28:39.557root 11241100x800000000000000082890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96426d76f867530a2021-12-17 11:28:39.557root 11241100x800000000000000082891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b81def1c19bc15e2021-12-17 11:28:39.557root 11241100x800000000000000082892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d2bddede3b79f4f2021-12-17 11:28:39.557root 11241100x800000000000000082893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.073f27fd5d607e242021-12-17 11:28:39.557root 11241100x800000000000000082894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90a36d56e0d84eb82021-12-17 11:28:39.557root 11241100x800000000000000082895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab13dfe210a52f962021-12-17 11:28:39.557root 11241100x800000000000000082896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5d963e9f37325b82021-12-17 11:28:39.557root 11241100x800000000000000082897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c3421a300a418be2021-12-17 11:28:39.558root 11241100x800000000000000082898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ebe96e83149abf52021-12-17 11:28:39.558root 11241100x800000000000000082899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20a65e5bd339cf1e2021-12-17 11:28:39.558root 11241100x800000000000000082900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dba44fde3fb69ad72021-12-17 11:28:39.558root 11241100x800000000000000082901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1ca7c857b8f10092021-12-17 11:28:39.558root 11241100x800000000000000082902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:39.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e93653c919f9a3652021-12-17 11:28:39.558root 11241100x800000000000000082903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ca4a520bf940aa02021-12-17 11:28:40.057root 11241100x800000000000000082904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91284f2a8bba5dc72021-12-17 11:28:40.057root 11241100x800000000000000082905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0eb106c24a6c5a582021-12-17 11:28:40.057root 11241100x800000000000000082906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39a4b22be512e40b2021-12-17 11:28:40.058root 11241100x800000000000000082907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4100739db82ade462021-12-17 11:28:40.058root 11241100x800000000000000082908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b83be22e49489d6d2021-12-17 11:28:40.058root 11241100x800000000000000082909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15704eb8e2d048d72021-12-17 11:28:40.058root 11241100x800000000000000082910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9470f92d9c5153e2021-12-17 11:28:40.058root 11241100x800000000000000082911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6080207efb8e6b892021-12-17 11:28:40.058root 11241100x800000000000000082912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fdefa165f61dfd52021-12-17 11:28:40.058root 11241100x800000000000000082913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22d6123da58ba2f42021-12-17 11:28:40.058root 11241100x800000000000000082914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c814a65c55ac2512021-12-17 11:28:40.058root 11241100x800000000000000082915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e33cd3361fdc0b472021-12-17 11:28:40.059root 11241100x800000000000000082916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e0e4750185022922021-12-17 11:28:40.059root 11241100x800000000000000082917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a98b2bb0cf8ab8c92021-12-17 11:28:40.059root 11241100x800000000000000082918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee3fae5f7ed7ad372021-12-17 11:28:40.059root 11241100x800000000000000082919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f64c87ec6f7a9ad52021-12-17 11:28:40.059root 11241100x800000000000000082920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f47365fbe4d8297b2021-12-17 11:28:40.059root 11241100x800000000000000082921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfa6dc43fcebb9962021-12-17 11:28:40.059root 11241100x800000000000000082922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd925919155afd6c2021-12-17 11:28:40.556root 11241100x800000000000000082923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a807e428a641a9a2021-12-17 11:28:40.557root 11241100x800000000000000082924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d44fa0e5d44727432021-12-17 11:28:40.557root 11241100x800000000000000082925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48aa1c1a880c2dd52021-12-17 11:28:40.557root 11241100x800000000000000082926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a11673c38af23bb42021-12-17 11:28:40.557root 11241100x800000000000000082927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd8a3e1b041c81cd2021-12-17 11:28:40.557root 11241100x800000000000000082928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.349b032ebbf79c632021-12-17 11:28:40.557root 11241100x800000000000000082929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99030c7a2da526ca2021-12-17 11:28:40.557root 11241100x800000000000000082930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbd7523933f42ed12021-12-17 11:28:40.557root 11241100x800000000000000082931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.691955edb3a4bc502021-12-17 11:28:40.557root 11241100x800000000000000082932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f7b7763c59384de2021-12-17 11:28:40.558root 11241100x800000000000000082933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3b10592e6c05b512021-12-17 11:28:40.558root 11241100x800000000000000082934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61064384af34ec642021-12-17 11:28:40.558root 11241100x800000000000000082935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a77a63988f23c632021-12-17 11:28:40.558root 11241100x800000000000000082936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cd91259c813e8ca2021-12-17 11:28:40.558root 11241100x800000000000000082937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.737953d355d28fb42021-12-17 11:28:40.558root 11241100x800000000000000082938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.413a73ea2e044f8a2021-12-17 11:28:40.558root 11241100x800000000000000082939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db3c7c7383fb63ab2021-12-17 11:28:40.558root 11241100x800000000000000082940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:40.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f62acf05bb535622021-12-17 11:28:40.558root 11241100x800000000000000082941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d7618783b1edca12021-12-17 11:28:41.057root 11241100x800000000000000082942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a3094e965be308c2021-12-17 11:28:41.057root 11241100x800000000000000082943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b006359618856552021-12-17 11:28:41.057root 11241100x800000000000000082944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57715a1d7bb332452021-12-17 11:28:41.057root 11241100x800000000000000082945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25352f79dee98c652021-12-17 11:28:41.057root 11241100x800000000000000082946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1b282ca6ee4fb272021-12-17 11:28:41.057root 11241100x800000000000000082947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee723be8293c540e2021-12-17 11:28:41.057root 11241100x800000000000000082948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4e89ffed5a1aad62021-12-17 11:28:41.058root 11241100x800000000000000082949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a56d479882f24c92021-12-17 11:28:41.058root 11241100x800000000000000082950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b98907d577748162021-12-17 11:28:41.058root 11241100x800000000000000082951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.765336d0145513c22021-12-17 11:28:41.058root 11241100x800000000000000082952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41af089cc5c94f8d2021-12-17 11:28:41.058root 11241100x800000000000000082953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faa2f91d1312721a2021-12-17 11:28:41.058root 11241100x800000000000000082954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6b2043b53fcf7392021-12-17 11:28:41.058root 11241100x800000000000000082955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c5a3c5fd309f9822021-12-17 11:28:41.059root 11241100x800000000000000082956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcb91463b27e4e4e2021-12-17 11:28:41.059root 11241100x800000000000000082957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83e9b0c71a3b5a6a2021-12-17 11:28:41.059root 11241100x800000000000000082958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.475e953cade62b192021-12-17 11:28:41.059root 11241100x800000000000000082959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75676821ea7fe9902021-12-17 11:28:41.059root 11241100x800000000000000082960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53a529cd75a235db2021-12-17 11:28:41.557root 11241100x800000000000000082961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d8c4552c329dce12021-12-17 11:28:41.557root 11241100x800000000000000082962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61587003331b6a8c2021-12-17 11:28:41.557root 11241100x800000000000000082963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a679fda390a644b2021-12-17 11:28:41.557root 11241100x800000000000000082964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb6a7831d702f0cd2021-12-17 11:28:41.557root 11241100x800000000000000082965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65cb13678e08fc1a2021-12-17 11:28:41.557root 11241100x800000000000000082966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30a328aff4f086c82021-12-17 11:28:41.557root 11241100x800000000000000082967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b47b53695e46f492021-12-17 11:28:41.557root 11241100x800000000000000082968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fefeb2b4ecf628a2021-12-17 11:28:41.557root 11241100x800000000000000082969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed103b5178849d1f2021-12-17 11:28:41.557root 11241100x800000000000000082970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.565b780f0187cd452021-12-17 11:28:41.557root 11241100x800000000000000082971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc83dee8f4164d642021-12-17 11:28:41.557root 11241100x800000000000000082972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae72f240c972ff3b2021-12-17 11:28:41.558root 11241100x800000000000000082973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.553dc6e07a8064a42021-12-17 11:28:41.558root 11241100x800000000000000082974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91fd04e44e6012d02021-12-17 11:28:41.558root 11241100x800000000000000082975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9772e10c3b93a25a2021-12-17 11:28:41.558root 11241100x800000000000000082976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cb6856c160d37342021-12-17 11:28:41.558root 11241100x800000000000000082977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dcb0e6bc56651122021-12-17 11:28:41.558root 11241100x800000000000000082978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:41.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff36082d29b9a23c2021-12-17 11:28:41.558root 11241100x800000000000000082979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebffdfb63ff36eb72021-12-17 11:28:42.057root 11241100x800000000000000082980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d517a2bb4468f0be2021-12-17 11:28:42.057root 11241100x800000000000000082981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fc77891b08504022021-12-17 11:28:42.057root 11241100x800000000000000082982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2d540f144269a962021-12-17 11:28:42.057root 11241100x800000000000000082983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.707a6e43057926ee2021-12-17 11:28:42.058root 11241100x800000000000000082984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e02acc2edbf444072021-12-17 11:28:42.058root 11241100x800000000000000082985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d15ae5593c5c644d2021-12-17 11:28:42.058root 11241100x800000000000000082986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7d3d72d123267692021-12-17 11:28:42.058root 11241100x800000000000000082987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.358242d9e61fda912021-12-17 11:28:42.058root 11241100x800000000000000082988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fa99fe5398af5702021-12-17 11:28:42.058root 11241100x800000000000000082989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc34f6186a9fd1662021-12-17 11:28:42.059root 11241100x800000000000000082990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4352805c591d31b92021-12-17 11:28:42.059root 11241100x800000000000000082991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dea1355f144cf89c2021-12-17 11:28:42.059root 11241100x800000000000000082992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aac527f22b411082021-12-17 11:28:42.059root 11241100x800000000000000082993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.760e6c24ca2c936f2021-12-17 11:28:42.059root 11241100x800000000000000082994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92ce51ba130e95862021-12-17 11:28:42.059root 11241100x800000000000000082995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4f550898763be5b2021-12-17 11:28:42.059root 11241100x800000000000000082996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.908aecdadc9667472021-12-17 11:28:42.059root 11241100x800000000000000082997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4c2828fa8cebedc2021-12-17 11:28:42.059root 354300x800000000000000082998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.211{ec28ba6a-70a3-61bc-5175-3a0400000000}5248/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-42976-false10.0.1.12-8000- 11241100x800000000000000082999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5eb2775a263c5102021-12-17 11:28:42.556root 11241100x800000000000000083000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba5251ff23a24e2f2021-12-17 11:28:42.557root 11241100x800000000000000083001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdc69eb294b1dd872021-12-17 11:28:42.557root 11241100x800000000000000083002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bee653f00314ff8f2021-12-17 11:28:42.557root 11241100x800000000000000083003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19f3a2346f087a262021-12-17 11:28:42.557root 11241100x800000000000000083004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ed3b194225110202021-12-17 11:28:42.557root 11241100x800000000000000083005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e40f0c249f2376802021-12-17 11:28:42.557root 11241100x800000000000000083006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4103d4d7eccea8922021-12-17 11:28:42.557root 11241100x800000000000000083007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae6a158f13bddc842021-12-17 11:28:42.557root 11241100x800000000000000083008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3889092dbb6b482b2021-12-17 11:28:42.557root 11241100x800000000000000083009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb5f06b883014aa82021-12-17 11:28:42.557root 11241100x800000000000000083010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d5fbcc9eb275eac2021-12-17 11:28:42.557root 11241100x800000000000000083011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ee00e14f740dbb52021-12-17 11:28:42.557root 11241100x800000000000000083012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc410e4ea538acec2021-12-17 11:28:42.557root 11241100x800000000000000083013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0e3fb71b8da00ec2021-12-17 11:28:42.558root 11241100x800000000000000083014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.178f32fa337a11042021-12-17 11:28:42.558root 11241100x800000000000000083015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b962b1467c3024d92021-12-17 11:28:42.558root 11241100x800000000000000083016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13ad23334dac0dea2021-12-17 11:28:42.558root 11241100x800000000000000083017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aadbb6181fb5ddf42021-12-17 11:28:42.558root 11241100x800000000000000083018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:42.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d834b3109131010e2021-12-17 11:28:42.558root 11241100x800000000000000083019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db4f5ab1f09f51632021-12-17 11:28:43.057root 11241100x800000000000000083020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b495f679e51121c2021-12-17 11:28:43.057root 11241100x800000000000000083021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87008aaf168c7aaa2021-12-17 11:28:43.057root 11241100x800000000000000083022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3bca2ce219e27962021-12-17 11:28:43.057root 11241100x800000000000000083023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0bab2dad757f0002021-12-17 11:28:43.057root 11241100x800000000000000083024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3edfbaf6d6ea15852021-12-17 11:28:43.057root 11241100x800000000000000083025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc9e8f18006d9ac92021-12-17 11:28:43.057root 11241100x800000000000000083026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9f490e4d57104ed2021-12-17 11:28:43.057root 11241100x800000000000000083027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf4ff2b010bc49242021-12-17 11:28:43.057root 11241100x800000000000000083028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.903a1c585fddb98b2021-12-17 11:28:43.057root 11241100x800000000000000083029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b885e1a847a2e7972021-12-17 11:28:43.057root 11241100x800000000000000083030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b085ee4d930b53c2021-12-17 11:28:43.057root 11241100x800000000000000083031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4e85dd18b29ae642021-12-17 11:28:43.058root 11241100x800000000000000083032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ca8b817168432e92021-12-17 11:28:43.058root 11241100x800000000000000083033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a7c4df920494a692021-12-17 11:28:43.058root 11241100x800000000000000083034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f90aee1f165e09cc2021-12-17 11:28:43.058root 11241100x800000000000000083035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36c3a9afcad033152021-12-17 11:28:43.058root 11241100x800000000000000083036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82bb60bff93819bc2021-12-17 11:28:43.058root 11241100x800000000000000083037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d941ceb1fc787d0b2021-12-17 11:28:43.058root 11241100x800000000000000083038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba4a38ebb1f0710b2021-12-17 11:28:43.058root 11241100x800000000000000083039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cc8bfa006463ee52021-12-17 11:28:43.557root 11241100x800000000000000083040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59d79e9ff85d9bb22021-12-17 11:28:43.557root 11241100x800000000000000083041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cd8b008b97aa8aa2021-12-17 11:28:43.557root 11241100x800000000000000083042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c0898f7bad028262021-12-17 11:28:43.557root 11241100x800000000000000083043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5237e74604dffab2021-12-17 11:28:43.557root 11241100x800000000000000083044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eff5f91571b84972021-12-17 11:28:43.557root 11241100x800000000000000083045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442b9762093ce6942021-12-17 11:28:43.557root 11241100x800000000000000083046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9451977273309bac2021-12-17 11:28:43.557root 11241100x800000000000000083047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f23308fa339c437b2021-12-17 11:28:43.557root 11241100x800000000000000083048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.685358bfcb018cf42021-12-17 11:28:43.557root 11241100x800000000000000083049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e5139c1be5f451e2021-12-17 11:28:43.557root 11241100x800000000000000083050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fb2a7249ac7437b2021-12-17 11:28:43.558root 11241100x800000000000000083051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d91ac38d5b84c8202021-12-17 11:28:43.558root 11241100x800000000000000083052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e73c8de56ddfd90a2021-12-17 11:28:43.558root 11241100x800000000000000083053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0754de6fc985a8e42021-12-17 11:28:43.558root 11241100x800000000000000083054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.691e23f0a1e527692021-12-17 11:28:43.558root 11241100x800000000000000083055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f24bd96cdb3a024a2021-12-17 11:28:43.558root 11241100x800000000000000083056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4193bd5cfe460e932021-12-17 11:28:43.558root 11241100x800000000000000083057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.003e6d680ba394232021-12-17 11:28:43.558root 11241100x800000000000000083058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:43.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e819dd238bc69a12021-12-17 11:28:43.558root 11241100x800000000000000083059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dd614bb299e87c72021-12-17 11:28:44.057root 11241100x800000000000000083060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96152b6e2e44b1432021-12-17 11:28:44.057root 11241100x800000000000000083061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d82364cabf81e30c2021-12-17 11:28:44.057root 11241100x800000000000000083062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1268c90079dad2ec2021-12-17 11:28:44.057root 11241100x800000000000000083063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1da4553d33228b22021-12-17 11:28:44.057root 11241100x800000000000000083064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1659868feb0928c62021-12-17 11:28:44.057root 11241100x800000000000000083065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aabed379beff1d9d2021-12-17 11:28:44.057root 11241100x800000000000000083066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f746f915984c2fd2021-12-17 11:28:44.057root 11241100x800000000000000083067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd727afd1279b6dc2021-12-17 11:28:44.057root 11241100x800000000000000083068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62de058158b44ced2021-12-17 11:28:44.057root 11241100x800000000000000083069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.300e40bc2b9c0f4c2021-12-17 11:28:44.057root 11241100x800000000000000083070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2980b9b7438739872021-12-17 11:28:44.057root 11241100x800000000000000083071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e2b09bac74af7572021-12-17 11:28:44.057root 11241100x800000000000000083072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4386bad31469d59e2021-12-17 11:28:44.057root 11241100x800000000000000083073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a552e884abb92c22021-12-17 11:28:44.058root 11241100x800000000000000083074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.357123010800a0ab2021-12-17 11:28:44.058root 11241100x800000000000000083075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5fc958d2288bd162021-12-17 11:28:44.058root 11241100x800000000000000083076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdb332563139a26f2021-12-17 11:28:44.058root 11241100x800000000000000083077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be61f1c6b26e59652021-12-17 11:28:44.058root 11241100x800000000000000083078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e6f26cfbf7dbdf52021-12-17 11:28:44.058root 11241100x800000000000000083079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.396a86d13d5785ee2021-12-17 11:28:44.556root 11241100x800000000000000083080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db96b7fffcbffb852021-12-17 11:28:44.557root 11241100x800000000000000083081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.928a9d67e5b98ee82021-12-17 11:28:44.557root 11241100x800000000000000083082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bb5859e0781fc192021-12-17 11:28:44.557root 11241100x800000000000000083083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eba6e36905003f852021-12-17 11:28:44.557root 11241100x800000000000000083084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.384b0ef60c5305b52021-12-17 11:28:44.557root 11241100x800000000000000083085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11ecad231728b4802021-12-17 11:28:44.557root 11241100x800000000000000083086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.413a365ac4a75da52021-12-17 11:28:44.557root 11241100x800000000000000083087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad87f3bd5055ea3b2021-12-17 11:28:44.557root 11241100x800000000000000083088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b634ee8c6fac1a42021-12-17 11:28:44.557root 11241100x800000000000000083089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2472adeb760bad6f2021-12-17 11:28:44.557root 11241100x800000000000000083090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbc24e8fcf6ca11f2021-12-17 11:28:44.557root 11241100x800000000000000083091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.520d43ed0621d33a2021-12-17 11:28:44.557root 11241100x800000000000000083092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57358e401572e5982021-12-17 11:28:44.557root 11241100x800000000000000083093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b3aa274227608482021-12-17 11:28:44.557root 11241100x800000000000000083094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dacbe0ef8ce53a4b2021-12-17 11:28:44.558root 11241100x800000000000000083095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c19d1707e55ff2a12021-12-17 11:28:44.558root 11241100x800000000000000083096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f963805138b8ecf92021-12-17 11:28:44.558root 11241100x800000000000000083097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.327cc79a5aca50482021-12-17 11:28:44.558root 11241100x800000000000000083098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:44.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3cb89b82e61d1902021-12-17 11:28:44.558root 11241100x800000000000000083099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa2db456232dd09d2021-12-17 11:28:45.057root 11241100x800000000000000083100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c490a02e12a15f092021-12-17 11:28:45.057root 11241100x800000000000000083101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e8a5f7d55c6b1c62021-12-17 11:28:45.057root 11241100x800000000000000083102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa3960e5914d89e42021-12-17 11:28:45.057root 11241100x800000000000000083103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43d673c6ae54ab292021-12-17 11:28:45.057root 11241100x800000000000000083104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b0d27b863a2757e2021-12-17 11:28:45.057root 11241100x800000000000000083105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42bf8edbba6cefe72021-12-17 11:28:45.057root 11241100x800000000000000083106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e50eaae50278b772021-12-17 11:28:45.057root 11241100x800000000000000083107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.332491fa18d0393a2021-12-17 11:28:45.057root 11241100x800000000000000083108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e6c724960b498b12021-12-17 11:28:45.057root 11241100x800000000000000083109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0284287a34da47722021-12-17 11:28:45.057root 11241100x800000000000000083110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74a51d3708f5348d2021-12-17 11:28:45.057root 11241100x800000000000000083111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fff26c7d819bca792021-12-17 11:28:45.057root 11241100x800000000000000083112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e1cfa937f0019242021-12-17 11:28:45.057root 11241100x800000000000000083113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8726c40da8f249a42021-12-17 11:28:45.058root 11241100x800000000000000083114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19672df9af2a87af2021-12-17 11:28:45.058root 11241100x800000000000000083115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8f7f1c27779c8562021-12-17 11:28:45.058root 11241100x800000000000000083116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.414bb535086627822021-12-17 11:28:45.058root 11241100x800000000000000083117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.beba9db305d51ac32021-12-17 11:28:45.058root 11241100x800000000000000083118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee1bca1a6c2eb37d2021-12-17 11:28:45.058root 11241100x800000000000000083119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6fe200d4564a1e02021-12-17 11:28:45.557root 11241100x800000000000000083120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c46b1ac6fcce8e4e2021-12-17 11:28:45.557root 11241100x800000000000000083121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd57d5f09a7d94ca2021-12-17 11:28:45.557root 11241100x800000000000000083122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c9c82b2a73b42172021-12-17 11:28:45.557root 11241100x800000000000000083123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50b7088f4b255e552021-12-17 11:28:45.557root 11241100x800000000000000083124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1fd909929f570fd2021-12-17 11:28:45.557root 11241100x800000000000000083125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.494b71c13fcd81772021-12-17 11:28:45.557root 11241100x800000000000000083126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70b02752c838b23d2021-12-17 11:28:45.557root 11241100x800000000000000083127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1891e5c4ab0d1d62021-12-17 11:28:45.558root 11241100x800000000000000083128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df381cbeaeea87c52021-12-17 11:28:45.558root 11241100x800000000000000083129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af12a24dd0cf0bbe2021-12-17 11:28:45.558root 11241100x800000000000000083130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.828f9055bdb4eb812021-12-17 11:28:45.558root 11241100x800000000000000083131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.027af2d423fa1fa42021-12-17 11:28:45.558root 11241100x800000000000000083132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.111feec81faeda152021-12-17 11:28:45.558root 11241100x800000000000000083133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.079c0cd403b68faf2021-12-17 11:28:45.558root 11241100x800000000000000083134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45a4d675720dafb72021-12-17 11:28:45.558root 11241100x800000000000000083135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9c29364aeff8a4a2021-12-17 11:28:45.558root 11241100x800000000000000083136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86dd752b344cfad02021-12-17 11:28:45.558root 11241100x800000000000000083137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fa687e74c2849ed2021-12-17 11:28:45.558root 11241100x800000000000000083138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:45.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.448518c4b28f50fd2021-12-17 11:28:45.558root 11241100x800000000000000083139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92c12b2cdf9740052021-12-17 11:28:46.056root 11241100x800000000000000083140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa74ca0f245185fd2021-12-17 11:28:46.057root 11241100x800000000000000083141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b433bc2b21245f92021-12-17 11:28:46.057root 11241100x800000000000000083142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33154c5b5e66c5fa2021-12-17 11:28:46.057root 11241100x800000000000000083143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2af6a341956e1b782021-12-17 11:28:46.057root 11241100x800000000000000083144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5eaaf58c1d4242722021-12-17 11:28:46.057root 11241100x800000000000000083145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90e3e3780de53de32021-12-17 11:28:46.057root 11241100x800000000000000083146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4d4881f904591cf2021-12-17 11:28:46.057root 11241100x800000000000000083147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1b781077877818d2021-12-17 11:28:46.057root 11241100x800000000000000083148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8172cb9a1cf4d4002021-12-17 11:28:46.057root 11241100x800000000000000083149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.756b218233dfc6052021-12-17 11:28:46.057root 11241100x800000000000000083150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee50c8755a9645472021-12-17 11:28:46.057root 11241100x800000000000000083151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.733b3d8c68c196342021-12-17 11:28:46.057root 11241100x800000000000000083152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64557e394ba8cf112021-12-17 11:28:46.057root 11241100x800000000000000083153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08250e414d827d7a2021-12-17 11:28:46.058root 11241100x800000000000000083154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b62367353d249b6c2021-12-17 11:28:46.058root 11241100x800000000000000083155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d8720ebb26e2b602021-12-17 11:28:46.058root 11241100x800000000000000083156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72fb87345a38c9412021-12-17 11:28:46.058root 11241100x800000000000000083157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b660fa66ab295adb2021-12-17 11:28:46.058root 11241100x800000000000000083158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.351f8ee5dd0118652021-12-17 11:28:46.058root 11241100x800000000000000083159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9229b1b2c5fae1a12021-12-17 11:28:46.557root 11241100x800000000000000083160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afe2a861e9ac157d2021-12-17 11:28:46.557root 11241100x800000000000000083161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a6baee16be6d4642021-12-17 11:28:46.557root 11241100x800000000000000083162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.156cf2c29dbc55e92021-12-17 11:28:46.557root 11241100x800000000000000083163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8be81a46abaa4c142021-12-17 11:28:46.557root 11241100x800000000000000083164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73b52998e08becbe2021-12-17 11:28:46.557root 11241100x800000000000000083165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5c63307d34427ae2021-12-17 11:28:46.557root 11241100x800000000000000083166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.204770b72411b3592021-12-17 11:28:46.557root 11241100x800000000000000083167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f264f98da7c820672021-12-17 11:28:46.557root 11241100x800000000000000083168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f658813f3e89db92021-12-17 11:28:46.557root 11241100x800000000000000083169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38d1da79563ef0a62021-12-17 11:28:46.558root 11241100x800000000000000083170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6639e83c9aaa20402021-12-17 11:28:46.558root 11241100x800000000000000083171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2df9730c56a110862021-12-17 11:28:46.558root 11241100x800000000000000083172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03c097202f2cada52021-12-17 11:28:46.558root 11241100x800000000000000083173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.776053c204d3b5e62021-12-17 11:28:46.558root 11241100x800000000000000083174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36a4e91ae4e946882021-12-17 11:28:46.558root 11241100x800000000000000083175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b26310b1cbcbc5072021-12-17 11:28:46.558root 11241100x800000000000000083176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c9e398f5b76aa1c2021-12-17 11:28:46.558root 11241100x800000000000000083177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c70446db4c7c6382021-12-17 11:28:46.558root 11241100x800000000000000083178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:46.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df417a603bf935802021-12-17 11:28:46.558root 11241100x800000000000000083179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc33ea66f62384b82021-12-17 11:28:47.056root 11241100x800000000000000083180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4708f783565106b32021-12-17 11:28:47.056root 11241100x800000000000000083181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04add3488b31acda2021-12-17 11:28:47.056root 11241100x800000000000000083182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3653e36cdfa1e382021-12-17 11:28:47.057root 11241100x800000000000000083183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.076854d815a07ea12021-12-17 11:28:47.057root 11241100x800000000000000083184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.610e9bef3eaedc792021-12-17 11:28:47.057root 11241100x800000000000000083185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bef8700e77b653a22021-12-17 11:28:47.057root 11241100x800000000000000083186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f38f0dd78a6033252021-12-17 11:28:47.057root 11241100x800000000000000083187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd5f3e224470e4732021-12-17 11:28:47.057root 11241100x800000000000000083188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c433c02ccb2587b2021-12-17 11:28:47.057root 11241100x800000000000000083189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16cb3c4a5531866c2021-12-17 11:28:47.057root 11241100x800000000000000083190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1378f4d6320c19c2021-12-17 11:28:47.057root 11241100x800000000000000083191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.241863d1e4567aba2021-12-17 11:28:47.057root 11241100x800000000000000083192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ece8444f42ba7ed12021-12-17 11:28:47.057root 11241100x800000000000000083193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.470863848b75fe0e2021-12-17 11:28:47.057root 11241100x800000000000000083194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36d3f00820634d532021-12-17 11:28:47.058root 11241100x800000000000000083195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e96c0b0be7e376562021-12-17 11:28:47.058root 11241100x800000000000000083196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8488f236f17f77a12021-12-17 11:28:47.058root 11241100x800000000000000083197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9efcb3fc42ebc072021-12-17 11:28:47.058root 11241100x800000000000000083198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71cd2690d35fdf892021-12-17 11:28:47.058root 11241100x800000000000000083199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6207562832fb8912021-12-17 11:28:47.557root 11241100x800000000000000083200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2305f8155b96cff2021-12-17 11:28:47.557root 11241100x800000000000000083201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e8b91ce5f3709f62021-12-17 11:28:47.557root 11241100x800000000000000083202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c8799d4a1cdc1732021-12-17 11:28:47.557root 11241100x800000000000000083203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.232ecaccd22e8e222021-12-17 11:28:47.557root 11241100x800000000000000083204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d67af65dad53a4dc2021-12-17 11:28:47.557root 11241100x800000000000000083205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1067c0814c3c9072021-12-17 11:28:47.557root 11241100x800000000000000083206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a8cca28720135572021-12-17 11:28:47.557root 11241100x800000000000000083207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6becc0ac2c39f3f82021-12-17 11:28:47.558root 11241100x800000000000000083208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ef8d5a8cb9875ce2021-12-17 11:28:47.558root 11241100x800000000000000083209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dff4571613e0ad8b2021-12-17 11:28:47.558root 11241100x800000000000000083210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e14c49259cb3977c2021-12-17 11:28:47.558root 11241100x800000000000000083211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.207d968a2563c2162021-12-17 11:28:47.558root 11241100x800000000000000083212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10b8181cb421af982021-12-17 11:28:47.558root 11241100x800000000000000083213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91602ef313a03be42021-12-17 11:28:47.558root 11241100x800000000000000083214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.761505eb6af64b302021-12-17 11:28:47.558root 11241100x800000000000000083215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5292fd620ffb4a32021-12-17 11:28:47.559root 11241100x800000000000000083216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f53f0252ce0b02e02021-12-17 11:28:47.559root 11241100x800000000000000083217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ef8bc785c0c06302021-12-17 11:28:47.559root 11241100x800000000000000083218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:47.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64f60af2ffe320f42021-12-17 11:28:47.559root 11241100x800000000000000083219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ebbac14ebba1d302021-12-17 11:28:48.056root 11241100x800000000000000083220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3f236b03a6296ad2021-12-17 11:28:48.056root 11241100x800000000000000083221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e2bc7afb3b64ee52021-12-17 11:28:48.056root 11241100x800000000000000083222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5bbe51dfdbd4c302021-12-17 11:28:48.057root 11241100x800000000000000083223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e762d1db2d856f592021-12-17 11:28:48.057root 11241100x800000000000000083224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.740af8dd1e6434482021-12-17 11:28:48.057root 11241100x800000000000000083225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86f2a9ab408117bd2021-12-17 11:28:48.057root 11241100x800000000000000083226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cb8c292cbb2e1192021-12-17 11:28:48.057root 11241100x800000000000000083227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5000bfcfbe16e0352021-12-17 11:28:48.057root 11241100x800000000000000083228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a9cbb8b33d4ddc52021-12-17 11:28:48.057root 11241100x800000000000000083229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd0c0a11bab50fd52021-12-17 11:28:48.057root 11241100x800000000000000083230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.deb3340853ccdfba2021-12-17 11:28:48.058root 11241100x800000000000000083231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.797f2bcb8a85575a2021-12-17 11:28:48.058root 11241100x800000000000000083232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1616d7359a85d7642021-12-17 11:28:48.058root 11241100x800000000000000083233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e6b9100bb643eb42021-12-17 11:28:48.058root 11241100x800000000000000083234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6acaf41f46908742021-12-17 11:28:48.058root 11241100x800000000000000083235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bad2f4e2b83af432021-12-17 11:28:48.058root 11241100x800000000000000083236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3865cb1e7bf700142021-12-17 11:28:48.058root 11241100x800000000000000083237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b432393cb6c7913f2021-12-17 11:28:48.058root 11241100x800000000000000083238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e966b0a5a2492952021-12-17 11:28:48.058root 354300x800000000000000083239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.182{ec28ba6a-70a3-61bc-5175-3a0400000000}5248/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-42978-false10.0.1.12-8000- 11241100x800000000000000083240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02c647935f2998912021-12-17 11:28:48.557root 11241100x800000000000000083241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.317a666cda6ce6b52021-12-17 11:28:48.557root 11241100x800000000000000083242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1952cae76581041c2021-12-17 11:28:48.557root 11241100x800000000000000083243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8ecff4230df6bfb2021-12-17 11:28:48.557root 11241100x800000000000000083244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cc17159787e39d52021-12-17 11:28:48.557root 11241100x800000000000000083245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dee2539d418996fa2021-12-17 11:28:48.557root 11241100x800000000000000083246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2b1fdc1568e764a2021-12-17 11:28:48.557root 11241100x800000000000000083247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e838187585d758fe2021-12-17 11:28:48.557root 11241100x800000000000000083248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83a07a7859276d2b2021-12-17 11:28:48.557root 11241100x800000000000000083249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac82ef8423fec3242021-12-17 11:28:48.558root 11241100x800000000000000083250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4f4c42649534d432021-12-17 11:28:48.558root 11241100x800000000000000083251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3111bd52f4828872021-12-17 11:28:48.558root 11241100x800000000000000083252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de526886694134352021-12-17 11:28:48.558root 11241100x800000000000000083253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb418d03a279cce02021-12-17 11:28:48.558root 11241100x800000000000000083254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ce645a3c91c0b0a2021-12-17 11:28:48.558root 11241100x800000000000000083255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3aea61b6f3887e6f2021-12-17 11:28:48.558root 11241100x800000000000000083256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.195efaf6f306b9b32021-12-17 11:28:48.558root 11241100x800000000000000083257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ed1a992e3206e282021-12-17 11:28:48.558root 11241100x800000000000000083258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c3620b12db77d922021-12-17 11:28:48.558root 11241100x800000000000000083259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5376068800f012442021-12-17 11:28:48.558root 11241100x800000000000000083260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:48.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab6d1232035f1eba2021-12-17 11:28:48.558root 11241100x800000000000000083261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ba3526eae7080552021-12-17 11:28:49.057root 11241100x800000000000000083262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dea09abccc8ea262021-12-17 11:28:49.057root 11241100x800000000000000083263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.638889ca3e4693f12021-12-17 11:28:49.057root 11241100x800000000000000083264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2ea0bc8fdcb508d2021-12-17 11:28:49.057root 11241100x800000000000000083265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fda0005dc134786e2021-12-17 11:28:49.057root 11241100x800000000000000083266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66aa198768f4b4bc2021-12-17 11:28:49.057root 11241100x800000000000000083267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69c4f6396a7e12652021-12-17 11:28:49.058root 11241100x800000000000000083268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46892cff78ccb8112021-12-17 11:28:49.058root 11241100x800000000000000083269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8da63f2306e2d9e22021-12-17 11:28:49.058root 11241100x800000000000000083270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a276fe00c5d283642021-12-17 11:28:49.058root 11241100x800000000000000083271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dfff4b54679d9fd2021-12-17 11:28:49.058root 11241100x800000000000000083272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33c1168fc5dd3b482021-12-17 11:28:49.058root 11241100x800000000000000083273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88661da727dce3332021-12-17 11:28:49.058root 11241100x800000000000000083274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fd60509666d9b362021-12-17 11:28:49.058root 11241100x800000000000000083275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a1776247644ea5b2021-12-17 11:28:49.058root 11241100x800000000000000083276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.046412020120e72b2021-12-17 11:28:49.058root 11241100x800000000000000083277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc659ac1b049ef992021-12-17 11:28:49.059root 11241100x800000000000000083278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d64fd2cd27679fe92021-12-17 11:28:49.059root 11241100x800000000000000083279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd0877595f8c68662021-12-17 11:28:49.059root 11241100x800000000000000083280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c5d92b5cf3ed0362021-12-17 11:28:49.059root 11241100x800000000000000083281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da06696a364cf4532021-12-17 11:28:49.059root 11241100x800000000000000083282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bea178e56f54d632021-12-17 11:28:49.556root 11241100x800000000000000083283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f6ee383e39b79b32021-12-17 11:28:49.556root 11241100x800000000000000083284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.516fc7dc974186e72021-12-17 11:28:49.556root 11241100x800000000000000083285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2347fca2c248dd8e2021-12-17 11:28:49.557root 11241100x800000000000000083286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df42c6671927e44e2021-12-17 11:28:49.557root 11241100x800000000000000083287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14f6731a1cb844432021-12-17 11:28:49.557root 11241100x800000000000000083288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32e7bacf0d2f43bc2021-12-17 11:28:49.557root 11241100x800000000000000083289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.072b72be5dcff9e72021-12-17 11:28:49.557root 11241100x800000000000000083290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c07b762a7adc6802021-12-17 11:28:49.557root 11241100x800000000000000083291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8d56f0aeb25036a2021-12-17 11:28:49.557root 11241100x800000000000000083292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8b8348a2132f9dd2021-12-17 11:28:49.557root 11241100x800000000000000083293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b45611e567068482021-12-17 11:28:49.558root 11241100x800000000000000083294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccae7b5de94527152021-12-17 11:28:49.558root 11241100x800000000000000083295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bdd2783f0a7efd22021-12-17 11:28:49.558root 11241100x800000000000000083296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9f4fb35eb6ea5652021-12-17 11:28:49.558root 11241100x800000000000000083297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7b4c9979e92e1132021-12-17 11:28:49.558root 11241100x800000000000000083298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da7d7389292492ff2021-12-17 11:28:49.559root 11241100x800000000000000083299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16051fa509be87d22021-12-17 11:28:49.559root 11241100x800000000000000083300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de424ea54fd086cb2021-12-17 11:28:49.559root 11241100x800000000000000083301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab7842f5a5f4dd8a2021-12-17 11:28:49.559root 11241100x800000000000000083302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0647ea67e795833e2021-12-17 11:28:49.559root 11241100x800000000000000083303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea42fc1a5a9579262021-12-17 11:28:49.559root 11241100x800000000000000083304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d159248b8508b7302021-12-17 11:28:49.559root 11241100x800000000000000083305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:49.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4dc792323cbaf89b2021-12-17 11:28:49.559root 11241100x800000000000000083306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8739fe8b356f06692021-12-17 11:28:50.057root 11241100x800000000000000083307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.305a892a59e18da32021-12-17 11:28:50.057root 11241100x800000000000000083308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cffd143dfc75319c2021-12-17 11:28:50.057root 11241100x800000000000000083309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caba5ad95f31d6c12021-12-17 11:28:50.058root 11241100x800000000000000083310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38c5d1f864a5bbe42021-12-17 11:28:50.058root 11241100x800000000000000083311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71b788e842c8857b2021-12-17 11:28:50.058root 11241100x800000000000000083312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38b0606302168e982021-12-17 11:28:50.058root 11241100x800000000000000083313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6795c063a804d2cd2021-12-17 11:28:50.058root 11241100x800000000000000083314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b513324748fd4382021-12-17 11:28:50.059root 11241100x800000000000000083315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1093dda53634e4052021-12-17 11:28:50.059root 11241100x800000000000000083316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b39e2c38703d1052021-12-17 11:28:50.059root 11241100x800000000000000083317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42d7b8d3fa7fd4a42021-12-17 11:28:50.059root 11241100x800000000000000083318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be3a502c1c632a972021-12-17 11:28:50.059root 11241100x800000000000000083319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0aeb175031d6653d2021-12-17 11:28:50.059root 11241100x800000000000000083320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56c2065e36be04d62021-12-17 11:28:50.059root 11241100x800000000000000083321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb656021772efcda2021-12-17 11:28:50.060root 11241100x800000000000000083322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b942b769a7f05882021-12-17 11:28:50.060root 11241100x800000000000000083323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8cd3d29f252fbe12021-12-17 11:28:50.060root 11241100x800000000000000083324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4aec42fc825d2ae2021-12-17 11:28:50.060root 11241100x800000000000000083325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5e937e9c49148ef2021-12-17 11:28:50.060root 11241100x800000000000000083326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.269a79e6e4566fb62021-12-17 11:28:50.060root 11241100x800000000000000083327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e370ff7d6bf73162021-12-17 11:28:50.556root 11241100x800000000000000083328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af75b36c576c215c2021-12-17 11:28:50.557root 11241100x800000000000000083329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6da46d9b75309e7e2021-12-17 11:28:50.557root 11241100x800000000000000083330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e5f225f7cf9b5aa2021-12-17 11:28:50.557root 11241100x800000000000000083331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bef288caa99ea66d2021-12-17 11:28:50.557root 11241100x800000000000000083332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42ab0dd10d5a6a492021-12-17 11:28:50.557root 11241100x800000000000000083333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a75b45c284e5d16e2021-12-17 11:28:50.557root 11241100x800000000000000083334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7cc1309475def2b2021-12-17 11:28:50.557root 11241100x800000000000000083335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9419f8f9030191642021-12-17 11:28:50.558root 11241100x800000000000000083336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51b38f6ab852043b2021-12-17 11:28:50.558root 11241100x800000000000000083337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a55694cacde847e2021-12-17 11:28:50.558root 11241100x800000000000000083338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae578f7a6aabdeeb2021-12-17 11:28:50.559root 11241100x800000000000000083339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.690c2156bb78f7ec2021-12-17 11:28:50.559root 11241100x800000000000000083340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.998fe5b279efff3a2021-12-17 11:28:50.559root 11241100x800000000000000083341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33e6fe25f8dc92bb2021-12-17 11:28:50.560root 11241100x800000000000000083342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9048014a409d976f2021-12-17 11:28:50.560root 11241100x800000000000000083343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0dce7e0338c4d822021-12-17 11:28:50.560root 11241100x800000000000000083344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77e11bd17b897d412021-12-17 11:28:50.560root 11241100x800000000000000083345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a59f2cedfcd141a2021-12-17 11:28:50.560root 11241100x800000000000000083346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4879158d8e063aaa2021-12-17 11:28:50.560root 11241100x800000000000000083347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:50.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a51ebe2dd8eea7cc2021-12-17 11:28:50.560root 11241100x800000000000000083348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec49d03c5d2ca1682021-12-17 11:28:51.057root 11241100x800000000000000083349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d3ac5f784c65ed12021-12-17 11:28:51.057root 11241100x800000000000000083350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edcda42d3fb1234f2021-12-17 11:28:51.057root 11241100x800000000000000083351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c59733f5ab3479322021-12-17 11:28:51.057root 11241100x800000000000000083352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f17f9286fcded3a2021-12-17 11:28:51.057root 11241100x800000000000000083353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c84e090b049601a2021-12-17 11:28:51.057root 11241100x800000000000000083354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.344a914f5969a6d12021-12-17 11:28:51.058root 11241100x800000000000000083355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bce021028339c90e2021-12-17 11:28:51.058root 11241100x800000000000000083356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c873ba0d29357e4d2021-12-17 11:28:51.058root 11241100x800000000000000083357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f646785e2ebf45af2021-12-17 11:28:51.058root 11241100x800000000000000083358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d36b434787d5ab82021-12-17 11:28:51.058root 11241100x800000000000000083359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87d68ee9360f2e732021-12-17 11:28:51.058root 11241100x800000000000000083360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c61f2c0b3706098d2021-12-17 11:28:51.058root 11241100x800000000000000083361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c31d2e8bec6cfd8e2021-12-17 11:28:51.058root 11241100x800000000000000083362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d918d23f5018d3dd2021-12-17 11:28:51.058root 11241100x800000000000000083363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f1880f2deee0af02021-12-17 11:28:51.058root 11241100x800000000000000083364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.343642f3fdc97d712021-12-17 11:28:51.058root 11241100x800000000000000083365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a05d7a798306951e2021-12-17 11:28:51.058root 11241100x800000000000000083366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.382d747be9c57c2f2021-12-17 11:28:51.058root 11241100x800000000000000083367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76b0414592a3d68c2021-12-17 11:28:51.058root 11241100x800000000000000083368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98a90c1c583f42822021-12-17 11:28:51.059root 11241100x800000000000000083369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.255f6aab875e968c2021-12-17 11:28:51.556root 11241100x800000000000000083370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab3fee37eb1f77292021-12-17 11:28:51.557root 11241100x800000000000000083371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6acb4c6d049a37e02021-12-17 11:28:51.557root 11241100x800000000000000083372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60fe1d75382635e42021-12-17 11:28:51.557root 11241100x800000000000000083373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c54912046cb76ff92021-12-17 11:28:51.558root 11241100x800000000000000083374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a312817d31efd8fc2021-12-17 11:28:51.558root 11241100x800000000000000083375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f24ccbcc43b55c92021-12-17 11:28:51.559root 11241100x800000000000000083376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1baeaca589df8552021-12-17 11:28:51.559root 11241100x800000000000000083377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.296b09e9069c8e112021-12-17 11:28:51.559root 11241100x800000000000000083378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c68a244fff8a87ce2021-12-17 11:28:51.560root 11241100x800000000000000083379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.249a47c95b33000e2021-12-17 11:28:51.560root 11241100x800000000000000083380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e74dc6da57bbebf2021-12-17 11:28:51.560root 11241100x800000000000000083381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aef026eaf1bf1e752021-12-17 11:28:51.560root 11241100x800000000000000083382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23b83705ccc4fd052021-12-17 11:28:51.561root 11241100x800000000000000083383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4258c659af9a70d2021-12-17 11:28:51.561root 11241100x800000000000000083384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d95cdbe0da68ddd2021-12-17 11:28:51.561root 11241100x800000000000000083385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eedea98a3c69ff9d2021-12-17 11:28:51.561root 11241100x800000000000000083386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2a71759d8d5d4b82021-12-17 11:28:51.561root 11241100x800000000000000083387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c454bded413cd5152021-12-17 11:28:51.561root 11241100x800000000000000083388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4c44ec1ba5ca4612021-12-17 11:28:51.562root 11241100x800000000000000083389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f516681ffa018712021-12-17 11:28:51.562root 11241100x800000000000000083390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:51.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b5510f0ce6b8cd22021-12-17 11:28:51.562root 11241100x800000000000000083391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c1feb27b97162ce2021-12-17 11:28:52.056root 11241100x800000000000000083392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c60a31f00916c6a42021-12-17 11:28:52.057root 11241100x800000000000000083393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35f0452b310a9fd92021-12-17 11:28:52.057root 11241100x800000000000000083394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e122ffb1b74888e2021-12-17 11:28:52.057root 11241100x800000000000000083395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c0e9d462a6079582021-12-17 11:28:52.058root 11241100x800000000000000083396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0026398e871f6b02021-12-17 11:28:52.058root 11241100x800000000000000083397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89e703a9088f9e0c2021-12-17 11:28:52.058root 11241100x800000000000000083398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccc61d166dbb59d42021-12-17 11:28:52.059root 11241100x800000000000000083399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86b032f15cd8b3022021-12-17 11:28:52.059root 11241100x800000000000000083400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a1db4d9443320732021-12-17 11:28:52.059root 11241100x800000000000000083401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4913a14f96407eeb2021-12-17 11:28:52.059root 11241100x800000000000000083402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36d76b0ad14eb9c92021-12-17 11:28:52.059root 11241100x800000000000000083403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b93fc90baf8d59a2021-12-17 11:28:52.060root 11241100x800000000000000083404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d1c66338c4582762021-12-17 11:28:52.060root 11241100x800000000000000083405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f03d3762ba6b9102021-12-17 11:28:52.060root 11241100x800000000000000083406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80042ffabfa800e12021-12-17 11:28:52.060root 11241100x800000000000000083407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad305988477b30a12021-12-17 11:28:52.060root 11241100x800000000000000083408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14fd926959d06b8f2021-12-17 11:28:52.060root 11241100x800000000000000083409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.250c8f66576a19c52021-12-17 11:28:52.060root 11241100x800000000000000083410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db00ce45fbc5199c2021-12-17 11:28:52.061root 11241100x800000000000000083411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63c271370aa56e772021-12-17 11:28:52.061root 11241100x800000000000000083412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.247c361e80ce75ec2021-12-17 11:28:52.061root 11241100x800000000000000083413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aee7850034976e892021-12-17 11:28:52.556root 11241100x800000000000000083414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6eb8f896e2f1f6e12021-12-17 11:28:52.557root 11241100x800000000000000083415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bc9797720fa54b22021-12-17 11:28:52.557root 11241100x800000000000000083416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2e5458da099ee0b2021-12-17 11:28:52.557root 11241100x800000000000000083417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09c08cf2f02df0eb2021-12-17 11:28:52.557root 11241100x800000000000000083418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8ba08ede97da6d22021-12-17 11:28:52.557root 11241100x800000000000000083419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86cce4003cefbb762021-12-17 11:28:52.557root 11241100x800000000000000083420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.565a20183c58aa672021-12-17 11:28:52.558root 11241100x800000000000000083421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc101528ddbafa2a2021-12-17 11:28:52.558root 11241100x800000000000000083422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e6da36201e45a082021-12-17 11:28:52.558root 11241100x800000000000000083423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09e1f89ce1d5554c2021-12-17 11:28:52.558root 11241100x800000000000000083424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e294fc62c9335f122021-12-17 11:28:52.558root 11241100x800000000000000083425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.789f31f196f8ee612021-12-17 11:28:52.558root 11241100x800000000000000083426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f3a94676452c7432021-12-17 11:28:52.558root 11241100x800000000000000083427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c987cca51f3fcd112021-12-17 11:28:52.558root 11241100x800000000000000083428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8d99af5afb97c1e2021-12-17 11:28:52.558root 11241100x800000000000000083429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2feaa9d5d9d9eeca2021-12-17 11:28:52.558root 11241100x800000000000000083430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45e5826fa9862c632021-12-17 11:28:52.558root 11241100x800000000000000083431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7144a2bacf9ed8292021-12-17 11:28:52.558root 11241100x800000000000000083432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14f9a543bf4192182021-12-17 11:28:52.559root 11241100x800000000000000083433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b04212a8f176e0262021-12-17 11:28:52.559root 11241100x800000000000000083434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:52.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49dd98cf43a7af322021-12-17 11:28:52.559root 11241100x800000000000000083435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.597635f08f6856e52021-12-17 11:28:53.058root 11241100x800000000000000083436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c3fc8e73d99219d2021-12-17 11:28:53.058root 11241100x800000000000000083437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c9e58e020998bca2021-12-17 11:28:53.058root 11241100x800000000000000083438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f95b979b2265f4482021-12-17 11:28:53.058root 11241100x800000000000000083439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8daf12a092f710d2021-12-17 11:28:53.058root 11241100x800000000000000083440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b69968b616494d82021-12-17 11:28:53.058root 11241100x800000000000000083441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7ea9cfe081df3e42021-12-17 11:28:53.058root 11241100x800000000000000083442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b945d7f4f36a414b2021-12-17 11:28:53.058root 11241100x800000000000000083443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.419aef04e8f39a162021-12-17 11:28:53.059root 11241100x800000000000000083444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59e8c63c95f285de2021-12-17 11:28:53.059root 11241100x800000000000000083445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e72483974edf79202021-12-17 11:28:53.059root 11241100x800000000000000083446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20d2fae3ae02c0a22021-12-17 11:28:53.059root 11241100x800000000000000083447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1090fa8358d57142021-12-17 11:28:53.059root 11241100x800000000000000083448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06e8033a84dcb8d32021-12-17 11:28:53.059root 11241100x800000000000000083449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.940fdcebed8e75fc2021-12-17 11:28:53.059root 11241100x800000000000000083450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.651bec08b261809c2021-12-17 11:28:53.059root 11241100x800000000000000083451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd6f6a316543d3b32021-12-17 11:28:53.059root 11241100x800000000000000083452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e295c6d52a6c923f2021-12-17 11:28:53.059root 11241100x800000000000000083453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8e4c28e675a24932021-12-17 11:28:53.059root 11241100x800000000000000083454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2d0e881496b076b2021-12-17 11:28:53.059root 11241100x800000000000000083455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1df244a3d7d085e52021-12-17 11:28:53.059root 11241100x800000000000000083456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a908244f7b3a26032021-12-17 11:28:53.557root 11241100x800000000000000083457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fafb05e5606a8362021-12-17 11:28:53.557root 11241100x800000000000000083458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c44c032c8a962dc2021-12-17 11:28:53.557root 11241100x800000000000000083459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.808dbc68d473c5dd2021-12-17 11:28:53.557root 11241100x800000000000000083460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9a02a14c3cb70f52021-12-17 11:28:53.557root 11241100x800000000000000083461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9344f38ed88feead2021-12-17 11:28:53.557root 11241100x800000000000000083462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a52e3e37e17f81e2021-12-17 11:28:53.557root 11241100x800000000000000083463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a330ef40a9c88262021-12-17 11:28:53.557root 11241100x800000000000000083464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4d168da0eb0e2a62021-12-17 11:28:53.557root 11241100x800000000000000083465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a1fa422d883a7912021-12-17 11:28:53.558root 11241100x800000000000000083466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.854bb57c043265592021-12-17 11:28:53.558root 11241100x800000000000000083467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ac15ce6282a2c882021-12-17 11:28:53.558root 11241100x800000000000000083468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43289845f028e5e22021-12-17 11:28:53.558root 11241100x800000000000000083469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.841d7f056ae665bb2021-12-17 11:28:53.558root 11241100x800000000000000083470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbb335e8c315a17b2021-12-17 11:28:53.558root 11241100x800000000000000083471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b709505f87736b652021-12-17 11:28:53.560root 11241100x800000000000000083472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b85c89929651a492021-12-17 11:28:53.560root 11241100x800000000000000083473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b77b5f9d4a3e5c462021-12-17 11:28:53.560root 11241100x800000000000000083474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c4de91aeb4ba80f2021-12-17 11:28:53.560root 11241100x800000000000000083475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca0d52e0d709bcae2021-12-17 11:28:53.560root 11241100x800000000000000083476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:53.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8de57b26cc4f515d2021-12-17 11:28:53.560root 11241100x800000000000000083477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2dd61b2323bcd452021-12-17 11:28:54.057root 11241100x800000000000000083478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c7a1820ea1ae0272021-12-17 11:28:54.057root 11241100x800000000000000083479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.342a7dee754b66d32021-12-17 11:28:54.057root 11241100x800000000000000083480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c794b495cb8ef172021-12-17 11:28:54.057root 11241100x800000000000000083481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48421e40e1282c012021-12-17 11:28:54.057root 11241100x800000000000000083482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a1a54bd88a98e752021-12-17 11:28:54.057root 11241100x800000000000000083483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.157fa5935ae177ad2021-12-17 11:28:54.057root 11241100x800000000000000083484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df4c5f3af1fe60e92021-12-17 11:28:54.057root 11241100x800000000000000083485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.075d8b9d39bbf1492021-12-17 11:28:54.057root 11241100x800000000000000083486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40962712bc2b5fa62021-12-17 11:28:54.057root 11241100x800000000000000083487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7edb782f29bc285b2021-12-17 11:28:54.057root 11241100x800000000000000083488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f1f7f00a7bfb5012021-12-17 11:28:54.057root 11241100x800000000000000083489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a1ceed79f9657bb2021-12-17 11:28:54.057root 11241100x800000000000000083490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74be96bc002451dc2021-12-17 11:28:54.058root 11241100x800000000000000083491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e6c78fb2bc78aa92021-12-17 11:28:54.058root 11241100x800000000000000083492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38dcef57cc4aebd72021-12-17 11:28:54.058root 11241100x800000000000000083493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1325792ea3a31b82021-12-17 11:28:54.058root 11241100x800000000000000083494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edd5057c2e4bc9812021-12-17 11:28:54.058root 11241100x800000000000000083495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9eba863f2c5eecbf2021-12-17 11:28:54.058root 11241100x800000000000000083496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f195453c0c0d04d62021-12-17 11:28:54.058root 11241100x800000000000000083497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75c35d928d727b522021-12-17 11:28:54.058root 354300x800000000000000083498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.171{ec28ba6a-70a3-61bc-5175-3a0400000000}5248/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-42980-false10.0.1.12-8000- 11241100x800000000000000083499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa49d87e0d0e821d2021-12-17 11:28:54.557root 11241100x800000000000000083500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dc78a9da1ad490d2021-12-17 11:28:54.557root 11241100x800000000000000083501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd94606b500effa72021-12-17 11:28:54.557root 11241100x800000000000000083502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9fe8755aa41ea4c2021-12-17 11:28:54.557root 11241100x800000000000000083503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7d2e5fc2ee623d62021-12-17 11:28:54.557root 11241100x800000000000000083504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c064859afbe2c5b2021-12-17 11:28:54.557root 11241100x800000000000000083505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7b1cb629b8a1fe12021-12-17 11:28:54.557root 11241100x800000000000000083506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4f4fbb3e7c7d6b92021-12-17 11:28:54.557root 11241100x800000000000000083507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cef59e575d46c352021-12-17 11:28:54.557root 11241100x800000000000000083508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442945ba95fb72412021-12-17 11:28:54.558root 11241100x800000000000000083509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cafaf2de94b327dd2021-12-17 11:28:54.558root 11241100x800000000000000083510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15e91c65cda1ffbd2021-12-17 11:28:54.558root 11241100x800000000000000083511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4db14fb3bd52e3f52021-12-17 11:28:54.558root 11241100x800000000000000083512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bac38c532620de92021-12-17 11:28:54.558root 11241100x800000000000000083513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f92fad55d604e662021-12-17 11:28:54.558root 11241100x800000000000000083514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae09ae3671fa32982021-12-17 11:28:54.558root 11241100x800000000000000083515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f73a5bce160d92fe2021-12-17 11:28:54.558root 11241100x800000000000000083516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70d764efa0c040cb2021-12-17 11:28:54.558root 11241100x800000000000000083517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bad82e214fe7937e2021-12-17 11:28:54.558root 11241100x800000000000000083518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a4d6baa028526692021-12-17 11:28:54.558root 11241100x800000000000000083519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ea2525d3a40dc5b2021-12-17 11:28:54.558root 11241100x800000000000000083520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:54.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d29c7f7e286528d2021-12-17 11:28:54.558root 11241100x800000000000000083521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18c6737b19d553b62021-12-17 11:28:55.057root 11241100x800000000000000083522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f18daaff4f65b532021-12-17 11:28:55.057root 11241100x800000000000000083523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fc5e9de4b30b9712021-12-17 11:28:55.057root 11241100x800000000000000083524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27f31d0af4d17b252021-12-17 11:28:55.057root 11241100x800000000000000083525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5c7e4e7c9a5dc4e2021-12-17 11:28:55.057root 11241100x800000000000000083526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41792ea53885ba9b2021-12-17 11:28:55.057root 11241100x800000000000000083527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06f940a50d2212932021-12-17 11:28:55.057root 11241100x800000000000000083528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b008bb5bd4d47d82021-12-17 11:28:55.057root 11241100x800000000000000083529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86778477b2f759572021-12-17 11:28:55.057root 11241100x800000000000000083530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8554762d9f3698b22021-12-17 11:28:55.057root 11241100x800000000000000083531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7a472310a9e38052021-12-17 11:28:55.057root 11241100x800000000000000083532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0f4f6c84e6812c82021-12-17 11:28:55.057root 11241100x800000000000000083533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13df60f27b72a9ae2021-12-17 11:28:55.057root 11241100x800000000000000083534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3ad9c493cb66a592021-12-17 11:28:55.057root 11241100x800000000000000083535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab1c0421b53d8d842021-12-17 11:28:55.058root 11241100x800000000000000083536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88b5eb867af421a52021-12-17 11:28:55.058root 11241100x800000000000000083537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01f231f62e1c2bc12021-12-17 11:28:55.058root 11241100x800000000000000083538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.048c8c4fd3d843192021-12-17 11:28:55.058root 11241100x800000000000000083539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c78f073a65b073062021-12-17 11:28:55.058root 11241100x800000000000000083540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b31d8d0c70285912021-12-17 11:28:55.058root 11241100x800000000000000083541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9344bd35ebdd125d2021-12-17 11:28:55.058root 11241100x800000000000000083542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e81942f4cd1e2de2021-12-17 11:28:55.058root 11241100x800000000000000083543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea546aa282b0bc422021-12-17 11:28:55.557root 11241100x800000000000000083544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eeb697b5eee806822021-12-17 11:28:55.557root 11241100x800000000000000083545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85d28d96d06453b92021-12-17 11:28:55.557root 11241100x800000000000000083546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfb953a63d66b2852021-12-17 11:28:55.557root 11241100x800000000000000083547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f415e0e1296fa112021-12-17 11:28:55.557root 11241100x800000000000000083548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bb4e098fd366a302021-12-17 11:28:55.557root 11241100x800000000000000083549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ae64b4a0341867e2021-12-17 11:28:55.557root 11241100x800000000000000083550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e5541a3db1147fc2021-12-17 11:28:55.557root 11241100x800000000000000083551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02b20635ade879f72021-12-17 11:28:55.557root 11241100x800000000000000083552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9aeb17abec2076d82021-12-17 11:28:55.557root 11241100x800000000000000083553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a439ece2b4f406bd2021-12-17 11:28:55.558root 11241100x800000000000000083554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1aa08f51248b9dd82021-12-17 11:28:55.558root 11241100x800000000000000083555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77fe55620d9ae0362021-12-17 11:28:55.558root 11241100x800000000000000083556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0f3f865baeecfa62021-12-17 11:28:55.558root 11241100x800000000000000083557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecdaec3eba8b559a2021-12-17 11:28:55.558root 11241100x800000000000000083558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dab664ae86aceb52021-12-17 11:28:55.558root 11241100x800000000000000083559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.399bab311c9aef6f2021-12-17 11:28:55.558root 11241100x800000000000000083560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3c4320f1b3203e42021-12-17 11:28:55.558root 11241100x800000000000000083561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c5f63d9dd5051bf2021-12-17 11:28:55.558root 11241100x800000000000000083562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daad6bad9d74b3032021-12-17 11:28:55.559root 11241100x800000000000000083563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32cce581571621552021-12-17 11:28:55.559root 11241100x800000000000000083564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:55.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.423ad7a68fa9d2742021-12-17 11:28:55.559root 11241100x800000000000000083565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdf0c07a67124e042021-12-17 11:28:56.056root 11241100x800000000000000083566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4be0f4b730a58bee2021-12-17 11:28:56.056root 11241100x800000000000000083567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82844dd61669874b2021-12-17 11:28:56.056root 11241100x800000000000000083568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cd2e1fb4f9a60fd2021-12-17 11:28:56.056root 11241100x800000000000000083569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c24eb731e88c8932021-12-17 11:28:56.056root 11241100x800000000000000083570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3984214fc6c0e4eb2021-12-17 11:28:56.056root 11241100x800000000000000083571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91ef69d0d912a8e12021-12-17 11:28:56.057root 11241100x800000000000000083572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56bd5e772eca323f2021-12-17 11:28:56.057root 11241100x800000000000000083573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba37a407807a3cf82021-12-17 11:28:56.057root 11241100x800000000000000083574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05e4297214645fa82021-12-17 11:28:56.057root 11241100x800000000000000083575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91df58370493f2292021-12-17 11:28:56.057root 11241100x800000000000000083576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.738fcda6399104902021-12-17 11:28:56.057root 11241100x800000000000000083577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0040d869d5d63b9e2021-12-17 11:28:56.057root 11241100x800000000000000083578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2bcba447255af772021-12-17 11:28:56.057root 11241100x800000000000000083579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3588ba0ba7fbd50c2021-12-17 11:28:56.057root 11241100x800000000000000083580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bd3ea5f631650e12021-12-17 11:28:56.057root 11241100x800000000000000083581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ea157b7e9ccc1f42021-12-17 11:28:56.057root 11241100x800000000000000083582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ac3062b138ea73e2021-12-17 11:28:56.057root 11241100x800000000000000083583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be8516f2f91845df2021-12-17 11:28:56.057root 11241100x800000000000000083584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4550165ee300e332021-12-17 11:28:56.057root 11241100x800000000000000083585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d1a9017638da9e92021-12-17 11:28:56.058root 11241100x800000000000000083586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f868ba6c8b75928e2021-12-17 11:28:56.058root 11241100x800000000000000083587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f40df4994caf05852021-12-17 11:28:56.058root 11241100x800000000000000083588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.199ba3a0165e728e2021-12-17 11:28:56.058root 11241100x800000000000000083589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95efe5b0ba5741702021-12-17 11:28:56.058root 11241100x800000000000000083590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a230d6a5d3951ed2021-12-17 11:28:56.058root 11241100x800000000000000083591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.745922fc4e0df7532021-12-17 11:28:56.556root 11241100x800000000000000083592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8022f366cd9440c2021-12-17 11:28:56.556root 11241100x800000000000000083593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d34c1b4f809795b2021-12-17 11:28:56.557root 11241100x800000000000000083594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2f94a567a54b7b82021-12-17 11:28:56.557root 11241100x800000000000000083595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fbd4f41d7a450092021-12-17 11:28:56.557root 11241100x800000000000000083596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2526ee364ad63dc32021-12-17 11:28:56.557root 11241100x800000000000000083597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d11d40a452cd1312021-12-17 11:28:56.557root 11241100x800000000000000083598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33ad520f3902f2162021-12-17 11:28:56.557root 11241100x800000000000000083599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f500bd26bb948fd12021-12-17 11:28:56.557root 11241100x800000000000000083600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff80a5e55310b8602021-12-17 11:28:56.557root 11241100x800000000000000083601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9bc5dac50cccebf2021-12-17 11:28:56.558root 11241100x800000000000000083602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92304057be71d48b2021-12-17 11:28:56.558root 11241100x800000000000000083603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de6543391adc60c92021-12-17 11:28:56.558root 11241100x800000000000000083604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f17841f827d11f6b2021-12-17 11:28:56.558root 11241100x800000000000000083605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c64beac91c655c892021-12-17 11:28:56.559root 11241100x800000000000000083606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4e7ec4258189e7b2021-12-17 11:28:56.559root 11241100x800000000000000083607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a4a50fb164bdad62021-12-17 11:28:56.559root 11241100x800000000000000083608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.462de2a4dbf5e0512021-12-17 11:28:56.559root 11241100x800000000000000083609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b7f176a368b8bb42021-12-17 11:28:56.559root 11241100x800000000000000083610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af0ba80939e919ce2021-12-17 11:28:56.559root 11241100x800000000000000083611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae06ae2cb02afdc12021-12-17 11:28:56.559root 11241100x800000000000000083612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:56.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffb2d4fa65d75ee42021-12-17 11:28:56.559root 11241100x800000000000000083613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfe254850aba50152021-12-17 11:28:57.057root 11241100x800000000000000083614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c162ffeb47a8e362021-12-17 11:28:57.057root 11241100x800000000000000083615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f1b6725a7e752ac2021-12-17 11:28:57.057root 11241100x800000000000000083616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50f5761ddd8758202021-12-17 11:28:57.057root 11241100x800000000000000083617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19213482a29b1ed52021-12-17 11:28:57.057root 11241100x800000000000000083618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e06f50d6cfeffeef2021-12-17 11:28:57.057root 11241100x800000000000000083619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5158756f7c18c9c72021-12-17 11:28:57.057root 11241100x800000000000000083620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.396b608025a99f622021-12-17 11:28:57.058root 11241100x800000000000000083621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.338285fe8c8a86612021-12-17 11:28:57.058root 11241100x800000000000000083622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2273c215188965242021-12-17 11:28:57.058root 11241100x800000000000000083623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.461f9790eda480352021-12-17 11:28:57.058root 11241100x800000000000000083624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e87537501aa48b82021-12-17 11:28:57.058root 11241100x800000000000000083625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3e5a13b261769f22021-12-17 11:28:57.058root 11241100x800000000000000083626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8925ad956e913c602021-12-17 11:28:57.058root 11241100x800000000000000083627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a922887491ff46b2021-12-17 11:28:57.059root 11241100x800000000000000083628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2de26343e9fcaa0b2021-12-17 11:28:57.059root 11241100x800000000000000083629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74ce0bbef252c8bb2021-12-17 11:28:57.059root 11241100x800000000000000083630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5feaaa15815d2102021-12-17 11:28:57.059root 11241100x800000000000000083631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eff1cae76125ab4a2021-12-17 11:28:57.059root 11241100x800000000000000083632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.417b8dba785a06872021-12-17 11:28:57.059root 11241100x800000000000000083633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf2be8413278015c2021-12-17 11:28:57.059root 11241100x800000000000000083634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3b0d3ce2a3e19832021-12-17 11:28:57.059root 11241100x800000000000000083635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffa4f64a2e5b6b0c2021-12-17 11:28:57.557root 11241100x800000000000000083636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70f150e206c1ba272021-12-17 11:28:57.557root 11241100x800000000000000083637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12145134f73047372021-12-17 11:28:57.557root 11241100x800000000000000083638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea6f8623e4f135292021-12-17 11:28:57.557root 11241100x800000000000000083639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4ffe2a57920e14f2021-12-17 11:28:57.557root 11241100x800000000000000083640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2690683b81d911b42021-12-17 11:28:57.557root 11241100x800000000000000083641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c3832377a8d043a2021-12-17 11:28:57.558root 11241100x800000000000000083642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.532adb595c0aeafb2021-12-17 11:28:57.558root 11241100x800000000000000083643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38d8742a139dd8d42021-12-17 11:28:57.558root 11241100x800000000000000083644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cedf657546fbb032021-12-17 11:28:57.558root 11241100x800000000000000083645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2207cd208ebb659c2021-12-17 11:28:57.558root 11241100x800000000000000083646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e056689fea01f602021-12-17 11:28:57.559root 11241100x800000000000000083647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a556ef6ec5b76c42021-12-17 11:28:57.559root 11241100x800000000000000083648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a020c9303ce3eac2021-12-17 11:28:57.559root 11241100x800000000000000083649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e29c9fdf867e13bd2021-12-17 11:28:57.559root 11241100x800000000000000083650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d44006a331f7fd82021-12-17 11:28:57.560root 11241100x800000000000000083651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.558fde6c13b3d6992021-12-17 11:28:57.560root 11241100x800000000000000083652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae53ff314c1ab35b2021-12-17 11:28:57.560root 11241100x800000000000000083653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfe6e0f192b6230b2021-12-17 11:28:57.561root 11241100x800000000000000083654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a38c46773b44831c2021-12-17 11:28:57.561root 11241100x800000000000000083655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41e965abcff3ecec2021-12-17 11:28:57.561root 11241100x800000000000000083656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:57.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2688d8a8e106d4322021-12-17 11:28:57.562root 11241100x800000000000000083657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2414b04d6e86f1922021-12-17 11:28:58.057root 11241100x800000000000000083658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c88b399522097202021-12-17 11:28:58.057root 11241100x800000000000000083659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbc529ae4f9cea102021-12-17 11:28:58.057root 11241100x800000000000000083660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7208172df56ac9152021-12-17 11:28:58.057root 11241100x800000000000000083661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82c7d6d4a56b212c2021-12-17 11:28:58.058root 11241100x800000000000000083662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.131abc182b0a31f02021-12-17 11:28:58.058root 11241100x800000000000000083663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c96464ff4ccc1ba2021-12-17 11:28:58.058root 11241100x800000000000000083664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fd9cfbc8854e5c82021-12-17 11:28:58.058root 11241100x800000000000000083665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c5b184e956302bf2021-12-17 11:28:58.058root 11241100x800000000000000083666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.827540e16acacd322021-12-17 11:28:58.059root 11241100x800000000000000083667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2890ac2a1c77bab2021-12-17 11:28:58.059root 11241100x800000000000000083668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db28e0e677bc6b112021-12-17 11:28:58.059root 11241100x800000000000000083669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4217de8ff363c3192021-12-17 11:28:58.059root 11241100x800000000000000083670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a24c57ca2b391162021-12-17 11:28:58.059root 11241100x800000000000000083671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30ca156c3b2b8a002021-12-17 11:28:58.059root 11241100x800000000000000083672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c7c7fa21d442afb2021-12-17 11:28:58.059root 11241100x800000000000000083673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbccd3ea1b6277dc2021-12-17 11:28:58.059root 11241100x800000000000000083674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e281008e003871b12021-12-17 11:28:58.059root 11241100x800000000000000083675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdc883f48412875e2021-12-17 11:28:58.059root 11241100x800000000000000083676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74380e8624adca6b2021-12-17 11:28:58.060root 11241100x800000000000000083677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecc58cbb3b5a50cd2021-12-17 11:28:58.060root 11241100x800000000000000083678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0c9c7b05ef44a322021-12-17 11:28:58.060root 11241100x800000000000000083679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c1f6ad958c0e36f2021-12-17 11:28:58.557root 11241100x800000000000000083680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73a8212dd84ea7742021-12-17 11:28:58.557root 11241100x800000000000000083681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e005267e463ecef22021-12-17 11:28:58.557root 11241100x800000000000000083682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cefa64ad0011c882021-12-17 11:28:58.557root 11241100x800000000000000083683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eb0277c980eae182021-12-17 11:28:58.557root 11241100x800000000000000083684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25c11c73bf504d1a2021-12-17 11:28:58.558root 11241100x800000000000000083685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d12ff36540c4dfdb2021-12-17 11:28:58.558root 11241100x800000000000000083686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b3b722b216ce8382021-12-17 11:28:58.558root 11241100x800000000000000083687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6d4473d02fc67602021-12-17 11:28:58.558root 11241100x800000000000000083688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8adb7c73d0891c502021-12-17 11:28:58.558root 11241100x800000000000000083689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c01bc2970ce7f812021-12-17 11:28:58.558root 11241100x800000000000000083690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3fd1184b69726d92021-12-17 11:28:58.558root 11241100x800000000000000083691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.161c0f8b6edce23c2021-12-17 11:28:58.558root 11241100x800000000000000083692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37696475760259072021-12-17 11:28:58.558root 11241100x800000000000000083693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efbf165b2ec588932021-12-17 11:28:58.558root 11241100x800000000000000083694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.971c400dfb9b0f712021-12-17 11:28:58.558root 11241100x800000000000000083695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c97173c37a4d0e22021-12-17 11:28:58.558root 11241100x800000000000000083696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58aace87314015e02021-12-17 11:28:58.558root 11241100x800000000000000083697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae0b6b01c7d729ea2021-12-17 11:28:58.559root 11241100x800000000000000083698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d15194ce0bca2612021-12-17 11:28:58.559root 11241100x800000000000000083699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9878b47587fdf3802021-12-17 11:28:58.559root 11241100x800000000000000083700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:58.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1ff9bd582cafe432021-12-17 11:28:58.559root 11241100x800000000000000083701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.735576b07f0c765b2021-12-17 11:28:59.057root 11241100x800000000000000083702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca793888e84359602021-12-17 11:28:59.057root 11241100x800000000000000083703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c69a878c47dff3172021-12-17 11:28:59.057root 11241100x800000000000000083704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e35b050a2d803e32021-12-17 11:28:59.057root 11241100x800000000000000083705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38c348e617f7678b2021-12-17 11:28:59.058root 11241100x800000000000000083706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.740c9490650af40a2021-12-17 11:28:59.058root 11241100x800000000000000083707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5d6129007d73a652021-12-17 11:28:59.058root 11241100x800000000000000083708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03aef7d0079f36ce2021-12-17 11:28:59.058root 11241100x800000000000000083709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a90bc99f31d3d8e42021-12-17 11:28:59.058root 11241100x800000000000000083710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e995460a215cd7862021-12-17 11:28:59.058root 11241100x800000000000000083711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0677b3739bb97052021-12-17 11:28:59.058root 11241100x800000000000000083712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9eea73a34b5ef342021-12-17 11:28:59.059root 11241100x800000000000000083713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b60e54842f69fd62021-12-17 11:28:59.059root 11241100x800000000000000083714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97f561b914ee9ac72021-12-17 11:28:59.059root 11241100x800000000000000083715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc7a236e8b0c93c02021-12-17 11:28:59.059root 11241100x800000000000000083716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3870549c060cb992021-12-17 11:28:59.059root 11241100x800000000000000083717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8aa4309750cfa352021-12-17 11:28:59.059root 11241100x800000000000000083718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4789b32cd697b7fc2021-12-17 11:28:59.059root 11241100x800000000000000083719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e07f54f3a6da5ae32021-12-17 11:28:59.059root 11241100x800000000000000083720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6814da0d25dbb0ba2021-12-17 11:28:59.059root 11241100x800000000000000083721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2ce4da17fad62462021-12-17 11:28:59.059root 11241100x800000000000000083722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15b95ea5579e67b42021-12-17 11:28:59.059root 354300x800000000000000083723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.227{ec28ba6a-70a3-61bc-5175-3a0400000000}5248/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-42982-false10.0.1.12-8000- 11241100x800000000000000083724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f457a71d34e25b902021-12-17 11:28:59.556root 11241100x800000000000000083725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.024a1b987dedb9e72021-12-17 11:28:59.557root 11241100x800000000000000083726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bff67d9054b6a6cd2021-12-17 11:28:59.557root 11241100x800000000000000083727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.528a39b21f678f912021-12-17 11:28:59.557root 11241100x800000000000000083728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a14a149dc0268a32021-12-17 11:28:59.557root 11241100x800000000000000083729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9166324c88b8dd8e2021-12-17 11:28:59.558root 11241100x800000000000000083730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60855527f73be16a2021-12-17 11:28:59.558root 11241100x800000000000000083731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6dfdd3d9b1f6cc62021-12-17 11:28:59.558root 11241100x800000000000000083732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3713ce54b23f6cbf2021-12-17 11:28:59.558root 11241100x800000000000000083733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2cf0753bc3de6072021-12-17 11:28:59.558root 11241100x800000000000000083734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d115cc63d3cca1102021-12-17 11:28:59.559root 11241100x800000000000000083735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d69112216638e7ce2021-12-17 11:28:59.559root 11241100x800000000000000083736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeb8322bb63e99572021-12-17 11:28:59.559root 11241100x800000000000000083737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7734f7ac7696a8ee2021-12-17 11:28:59.559root 11241100x800000000000000083738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29faf9b5806a96e72021-12-17 11:28:59.559root 11241100x800000000000000083739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a4864a1347b60702021-12-17 11:28:59.559root 11241100x800000000000000083740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cccbb7f69ae0a862021-12-17 11:28:59.560root 11241100x800000000000000083741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f087c658de3df9bd2021-12-17 11:28:59.560root 11241100x800000000000000083742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66359155bdd81f8b2021-12-17 11:28:59.560root 11241100x800000000000000083743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.565{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd4f0c7cc5554cd52021-12-17 11:28:59.565root 11241100x800000000000000083744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.913bcff81e6cd3612021-12-17 11:28:59.566root 11241100x800000000000000083745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98f810095f2e25292021-12-17 11:28:59.566root 11241100x800000000000000083746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:28:59.566{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06a8b7a92dc3c6882021-12-17 11:28:59.566root 11241100x800000000000000083747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.510bf8d8b00cf1ba2021-12-17 11:29:00.056root 11241100x800000000000000083748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f58355f01e903682021-12-17 11:29:00.057root 11241100x800000000000000083749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34e6a763aad006f12021-12-17 11:29:00.057root 11241100x800000000000000083750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d0b6185b5c33d732021-12-17 11:29:00.057root 11241100x800000000000000083751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c6ac65ede2cddc32021-12-17 11:29:00.057root 11241100x800000000000000083752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fb72d6bab35b97b2021-12-17 11:29:00.057root 11241100x800000000000000083753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c6ede78176b30732021-12-17 11:29:00.058root 11241100x800000000000000083754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30f46c347e40e0512021-12-17 11:29:00.058root 11241100x800000000000000083755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09a155bab9e53edd2021-12-17 11:29:00.058root 11241100x800000000000000083756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd7034b43352e7702021-12-17 11:29:00.058root 11241100x800000000000000083757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dc2a1763074a3c52021-12-17 11:29:00.058root 11241100x800000000000000083758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec83cc0ea7587c6d2021-12-17 11:29:00.059root 11241100x800000000000000083759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e3fcaaba81d35312021-12-17 11:29:00.059root 11241100x800000000000000083760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dddbceef8485c1c2021-12-17 11:29:00.059root 11241100x800000000000000083761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20ea4962f25896882021-12-17 11:29:00.059root 11241100x800000000000000083762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66c96f7f4966db1f2021-12-17 11:29:00.059root 11241100x800000000000000083763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4faec2f5ed1a9ded2021-12-17 11:29:00.062root 11241100x800000000000000083764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85d619482dd4ed412021-12-17 11:29:00.062root 11241100x800000000000000083765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.364739b76f77732b2021-12-17 11:29:00.062root 11241100x800000000000000083766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.033eb73a476ad5c72021-12-17 11:29:00.063root 11241100x800000000000000083767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31d48b0161cb7f1d2021-12-17 11:29:00.063root 11241100x800000000000000083768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42f0335162fff87c2021-12-17 11:29:00.063root 11241100x800000000000000083769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.023e879ac19931452021-12-17 11:29:00.063root 11241100x800000000000000083770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fe8cf9888d145452021-12-17 11:29:00.063root 11241100x800000000000000083771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.187{ec28ba6a-709b-61bc-30d8-78dfe0550000}5175/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2021-12-17 11:29:00.187root 11241100x800000000000000083772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b7989c4534ce13e2021-12-17 11:29:00.556root 11241100x800000000000000083773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6edf8a0e9d3c05392021-12-17 11:29:00.557root 11241100x800000000000000083774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49af4063f2f627e82021-12-17 11:29:00.557root 11241100x800000000000000083775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.170b2fe6f7208ce12021-12-17 11:29:00.557root 11241100x800000000000000083776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.520b86d8f33e43b82021-12-17 11:29:00.557root 11241100x800000000000000083777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2cc6ee0f80a25362021-12-17 11:29:00.558root 11241100x800000000000000083778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81c13a92a3760cac2021-12-17 11:29:00.558root 11241100x800000000000000083779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c47db5504bcdfb0e2021-12-17 11:29:00.558root 11241100x800000000000000083780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e26f148ceaa79fb2021-12-17 11:29:00.558root 11241100x800000000000000083781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e885fb994e3614362021-12-17 11:29:00.558root 11241100x800000000000000083782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52746e88f62422552021-12-17 11:29:00.559root 11241100x800000000000000083783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdd7c326ac59b2042021-12-17 11:29:00.559root 11241100x800000000000000083784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20174158c7f62cb32021-12-17 11:29:00.559root 11241100x800000000000000083785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4878d6e4d93070b92021-12-17 11:29:00.559root 11241100x800000000000000083786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3921ad7f3ff4e7502021-12-17 11:29:00.559root 11241100x800000000000000083787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bafaf8afd0a93da2021-12-17 11:29:00.559root 11241100x800000000000000083788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b363c1cef15cfe992021-12-17 11:29:00.559root 11241100x800000000000000083789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22e420a5ddc1dd7d2021-12-17 11:29:00.559root 11241100x800000000000000083790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e457dc37d6a4fad62021-12-17 11:29:00.559root 11241100x800000000000000083791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53de2bbcdf8a394c2021-12-17 11:29:00.559root 11241100x800000000000000083792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c82e3f60723cf8f2021-12-17 11:29:00.559root 11241100x800000000000000083793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c52bc9dcf553a1a2021-12-17 11:29:00.560root 11241100x800000000000000083794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e8956329405ff002021-12-17 11:29:00.560root 11241100x800000000000000083795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:00.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.556a4804dbda9fb62021-12-17 11:29:00.560root 11241100x800000000000000083796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41590749df74b3b62021-12-17 11:29:01.056root 11241100x800000000000000083797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb96737150b355572021-12-17 11:29:01.057root 11241100x800000000000000083798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.937ffbeb78c273982021-12-17 11:29:01.057root 11241100x800000000000000083799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cef3b9dd9fd74df52021-12-17 11:29:01.057root 11241100x800000000000000083800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e44b2ed88d2499b92021-12-17 11:29:01.057root 11241100x800000000000000083801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6abd89092c03854e2021-12-17 11:29:01.057root 11241100x800000000000000083802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de98fa668df4d3302021-12-17 11:29:01.057root 11241100x800000000000000083803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7171703222bb53082021-12-17 11:29:01.058root 11241100x800000000000000083804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdd774176c145f202021-12-17 11:29:01.058root 11241100x800000000000000083805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c9a7488b30b2bad2021-12-17 11:29:01.058root 11241100x800000000000000083806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6091df6abab82a992021-12-17 11:29:01.058root 11241100x800000000000000083807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2eafaa0e5f66dfc2021-12-17 11:29:01.058root 11241100x800000000000000083808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cfd2edd81f919852021-12-17 11:29:01.059root 11241100x800000000000000083809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.348360819c2c3ad92021-12-17 11:29:01.059root 11241100x800000000000000083810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46b046c4be6d80e42021-12-17 11:29:01.059root 11241100x800000000000000083811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be869a6c603c06792021-12-17 11:29:01.059root 11241100x800000000000000083812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66a283febede3b1b2021-12-17 11:29:01.060root 11241100x800000000000000083813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1b74a5a5da10efe2021-12-17 11:29:01.060root 11241100x800000000000000083814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a17e2f64ea3b8a932021-12-17 11:29:01.060root 11241100x800000000000000083815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eadd2bf336f7c9dc2021-12-17 11:29:01.060root 11241100x800000000000000083816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1b46e3aaf16aa3b2021-12-17 11:29:01.060root 11241100x800000000000000083817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c2f8659c9abae7d2021-12-17 11:29:01.061root 11241100x800000000000000083818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42b214c477d76a352021-12-17 11:29:01.061root 11241100x800000000000000083819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03e352fe77c7b1d52021-12-17 11:29:01.061root 11241100x800000000000000083820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c0d8078cdf5a0b12021-12-17 11:29:01.557root 11241100x800000000000000083821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee21f9d28ab45e4f2021-12-17 11:29:01.557root 11241100x800000000000000083822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47fde9af0f7e54232021-12-17 11:29:01.557root 11241100x800000000000000083823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67d0ab84d3063e0c2021-12-17 11:29:01.557root 11241100x800000000000000083824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4df29ba2d40ed5d42021-12-17 11:29:01.557root 11241100x800000000000000083825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b371a3b79de085552021-12-17 11:29:01.557root 11241100x800000000000000083826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9719bfa59422fd112021-12-17 11:29:01.557root 11241100x800000000000000083827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f6c8214417998f52021-12-17 11:29:01.558root 11241100x800000000000000083828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0277a8170fc361f72021-12-17 11:29:01.558root 11241100x800000000000000083829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56721ff8c4f051132021-12-17 11:29:01.558root 11241100x800000000000000083830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdd39eca37cbf7252021-12-17 11:29:01.558root 11241100x800000000000000083831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a71067389d5a6b702021-12-17 11:29:01.558root 11241100x800000000000000083832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b7099c7277cd0762021-12-17 11:29:01.558root 11241100x800000000000000083833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.935694b52fda1b2b2021-12-17 11:29:01.558root 11241100x800000000000000083834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.482f1c9bedd18f722021-12-17 11:29:01.558root 11241100x800000000000000083835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a338cf1996fc48262021-12-17 11:29:01.558root 11241100x800000000000000083836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f036cbebc1becc342021-12-17 11:29:01.558root 11241100x800000000000000083837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43192d5528a2db152021-12-17 11:29:01.558root 11241100x800000000000000083838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01348723cfcadcdf2021-12-17 11:29:01.558root 11241100x800000000000000083839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2ce4d68bcdcb96b2021-12-17 11:29:01.558root 11241100x800000000000000083840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9f284dc12346a992021-12-17 11:29:01.558root 11241100x800000000000000083841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad224d8127fc92762021-12-17 11:29:01.558root 11241100x800000000000000083842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee7f2d79466382d82021-12-17 11:29:01.559root 11241100x800000000000000083843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:01.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0785c64f98aa0a12021-12-17 11:29:01.559root 11241100x800000000000000083844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c86d6f5e267be1842021-12-17 11:29:02.056root 11241100x800000000000000083845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72899c357b9ac61f2021-12-17 11:29:02.057root 11241100x800000000000000083846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.481cdc66ab77acb92021-12-17 11:29:02.057root 11241100x800000000000000083847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ead10202f54ac452021-12-17 11:29:02.057root 11241100x800000000000000083848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5970d93977f47552021-12-17 11:29:02.057root 11241100x800000000000000083849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c78853b3bfad026a2021-12-17 11:29:02.058root 11241100x800000000000000083850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8cab068a65b316a2021-12-17 11:29:02.058root 11241100x800000000000000083851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7f293e1578888022021-12-17 11:29:02.058root 11241100x800000000000000083852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49f7cc98788411cd2021-12-17 11:29:02.058root 11241100x800000000000000083853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d9213b424d3a7e02021-12-17 11:29:02.058root 11241100x800000000000000083854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81b1220434d27a042021-12-17 11:29:02.060root 11241100x800000000000000083855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7936ad6351bf00e02021-12-17 11:29:02.060root 11241100x800000000000000083856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.553897b766ffd0ee2021-12-17 11:29:02.060root 11241100x800000000000000083857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fd156f625d67aeb2021-12-17 11:29:02.060root 11241100x800000000000000083858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b72e236384f04e02021-12-17 11:29:02.061root 11241100x800000000000000083859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c279686501e353302021-12-17 11:29:02.061root 11241100x800000000000000083860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9aada721ce857c42021-12-17 11:29:02.061root 11241100x800000000000000083861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.321d4c4fd62a134d2021-12-17 11:29:02.061root 11241100x800000000000000083862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a67e0880b042f4602021-12-17 11:29:02.061root 11241100x800000000000000083863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35c22ac817112ab82021-12-17 11:29:02.061root 11241100x800000000000000083864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.894c0e731e39467c2021-12-17 11:29:02.062root 11241100x800000000000000083865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2190c711c87760d42021-12-17 11:29:02.062root 11241100x800000000000000083866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3fea8f0db4e9bba2021-12-17 11:29:02.062root 11241100x800000000000000083867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee1807641107f9d82021-12-17 11:29:02.062root 11241100x800000000000000083868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c4b3d8a5777af4d2021-12-17 11:29:02.062root 11241100x800000000000000083869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7138c62bd3c8b75c2021-12-17 11:29:02.557root 11241100x800000000000000083870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0ce3581b19b0d1e2021-12-17 11:29:02.557root 11241100x800000000000000083871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02a863744fa42cac2021-12-17 11:29:02.557root 11241100x800000000000000083872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04bf0e572da17c1b2021-12-17 11:29:02.557root 11241100x800000000000000083873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52d050f92ce678ab2021-12-17 11:29:02.557root 11241100x800000000000000083874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5c17a415996a53e2021-12-17 11:29:02.557root 11241100x800000000000000083875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.826593a1b9ca051f2021-12-17 11:29:02.557root 11241100x800000000000000083876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aee003644a2ce9a72021-12-17 11:29:02.557root 11241100x800000000000000083877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2eb642b95b9bc6792021-12-17 11:29:02.558root 11241100x800000000000000083878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58ae31dc85747acc2021-12-17 11:29:02.558root 11241100x800000000000000083879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdb06d7219a73bbc2021-12-17 11:29:02.558root 11241100x800000000000000083880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ffb4116f75417ed2021-12-17 11:29:02.558root 11241100x800000000000000083881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.506ef5dbf43d06082021-12-17 11:29:02.558root 11241100x800000000000000083882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fa065d7c70a60472021-12-17 11:29:02.558root 11241100x800000000000000083883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1849c28da394dc4f2021-12-17 11:29:02.558root 11241100x800000000000000083884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9be0c23967d99f142021-12-17 11:29:02.558root 11241100x800000000000000083885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.229002f785422d692021-12-17 11:29:02.558root 11241100x800000000000000083886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb358f80d4030f642021-12-17 11:29:02.558root 11241100x800000000000000083887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3258069a8b5c37eb2021-12-17 11:29:02.558root 11241100x800000000000000083888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18ed404ac993ae7d2021-12-17 11:29:02.558root 11241100x800000000000000083889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5df737c5814feaf2021-12-17 11:29:02.558root 11241100x800000000000000083890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fc32a573e62444a2021-12-17 11:29:02.558root 11241100x800000000000000083891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e120d203401cb1d2021-12-17 11:29:02.558root 11241100x800000000000000083892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:02.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.012a0e7b778affb52021-12-17 11:29:02.559root 11241100x800000000000000083893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac3be54f8d0ff3f12021-12-17 11:29:03.057root 11241100x800000000000000083894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7872060a60317f942021-12-17 11:29:03.058root 11241100x800000000000000083895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9e7b081b14c424c2021-12-17 11:29:03.058root 11241100x800000000000000083896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e2d824f22fbaa602021-12-17 11:29:03.058root 11241100x800000000000000083897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc0bc20b560ef5ce2021-12-17 11:29:03.058root 11241100x800000000000000083898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ff71a6c6f391f912021-12-17 11:29:03.058root 11241100x800000000000000083899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96ffb8c6320fa7e42021-12-17 11:29:03.059root 11241100x800000000000000083900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.330c64d22e8edf372021-12-17 11:29:03.059root 11241100x800000000000000083901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84a9e46e6b04e3be2021-12-17 11:29:03.059root 11241100x800000000000000083902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf8cb5b97720b33f2021-12-17 11:29:03.059root 11241100x800000000000000083903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75ad042c91a9c3522021-12-17 11:29:03.059root 11241100x800000000000000083904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5482b47415294912021-12-17 11:29:03.059root 11241100x800000000000000083905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf7a6ce0c74955372021-12-17 11:29:03.059root 11241100x800000000000000083906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08837bf976d564c12021-12-17 11:29:03.060root 11241100x800000000000000083907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8282c4f24c5603c02021-12-17 11:29:03.060root 11241100x800000000000000083908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.495f98d93ad78b652021-12-17 11:29:03.060root 11241100x800000000000000083909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8272122d528dc3f52021-12-17 11:29:03.060root 11241100x800000000000000083910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58c09c5159d2e3f32021-12-17 11:29:03.060root 11241100x800000000000000083911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2e95bfc7372dff32021-12-17 11:29:03.060root 11241100x800000000000000083912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b46d268690f266922021-12-17 11:29:03.061root 11241100x800000000000000083913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4d8e61f267749112021-12-17 11:29:03.061root 11241100x800000000000000083914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b6e8da4551e08222021-12-17 11:29:03.061root 11241100x800000000000000083915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48516011b012ab932021-12-17 11:29:03.061root 11241100x800000000000000083916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96b2587099bb87f62021-12-17 11:29:03.061root 11241100x800000000000000083917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74e24390445c9fec2021-12-17 11:29:03.061root 23542300x800000000000000083918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.189{ec28ba6a-709b-61bc-30d8-78dfe0550000}5175root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x800000000000000083919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c84cc0004bf51442021-12-17 11:29:03.556root 11241100x800000000000000083920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c817622c6d425a4d2021-12-17 11:29:03.557root 11241100x800000000000000083921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82b5d50084a257712021-12-17 11:29:03.557root 11241100x800000000000000083922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8adb0118679f50b32021-12-17 11:29:03.557root 11241100x800000000000000083923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.481df653ff49da782021-12-17 11:29:03.557root 11241100x800000000000000083924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c065e0f52e0d11c2021-12-17 11:29:03.558root 11241100x800000000000000083925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.530fe9448df35e652021-12-17 11:29:03.558root 11241100x800000000000000083926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.305d401b4faf4b162021-12-17 11:29:03.559root 11241100x800000000000000083927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63ce2d625469ae182021-12-17 11:29:03.559root 11241100x800000000000000083928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60c9cf8c17da7c142021-12-17 11:29:03.559root 11241100x800000000000000083929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.973a5befa1ec2d4b2021-12-17 11:29:03.559root 11241100x800000000000000083930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a85ffa8933e5db302021-12-17 11:29:03.559root 11241100x800000000000000083931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73e48a1f36445b752021-12-17 11:29:03.560root 11241100x800000000000000083932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.665d5320ee3f75082021-12-17 11:29:03.560root 11241100x800000000000000083933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cef6248eb78763442021-12-17 11:29:03.560root 11241100x800000000000000083934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a55e9e7fdd9229f82021-12-17 11:29:03.560root 11241100x800000000000000083935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2131ff44dfe310222021-12-17 11:29:03.560root 11241100x800000000000000083936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08cd57b00ba08dde2021-12-17 11:29:03.560root 11241100x800000000000000083937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cbc5bcd9de6b6ee2021-12-17 11:29:03.560root 11241100x800000000000000083938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.254e260b031afea32021-12-17 11:29:03.561root 11241100x800000000000000083939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3274d6fff5113fc2021-12-17 11:29:03.561root 11241100x800000000000000083940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebd2e49da1f26f872021-12-17 11:29:03.561root 11241100x800000000000000083941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cb17f4676c305aa2021-12-17 11:29:03.561root 11241100x800000000000000083942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a515c17f1381b9e02021-12-17 11:29:03.561root 11241100x800000000000000083943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c011533b842dd12021-12-17 11:29:03.561root 11241100x800000000000000083944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:03.564{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4910ac499c21da92021-12-17 11:29:03.564root 11241100x800000000000000083945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fc74965528f44292021-12-17 11:29:04.057root 11241100x800000000000000083946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34e383cf455de0b72021-12-17 11:29:04.057root 11241100x800000000000000083947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.802846082ed2f0422021-12-17 11:29:04.057root 11241100x800000000000000083948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1442cf04e14c122a2021-12-17 11:29:04.057root 11241100x800000000000000083949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6251955a133bc2df2021-12-17 11:29:04.057root 11241100x800000000000000083950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e31a5f9079e99d8c2021-12-17 11:29:04.057root 11241100x800000000000000083951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9ead97af2c76d392021-12-17 11:29:04.057root 11241100x800000000000000083952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4cb442a41f14adc2021-12-17 11:29:04.057root 11241100x800000000000000083953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73184de1ff14f3ed2021-12-17 11:29:04.057root 11241100x800000000000000083954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e5bb5e0864e96952021-12-17 11:29:04.057root 11241100x800000000000000083955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8106c536db0538582021-12-17 11:29:04.057root 11241100x800000000000000083956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.046f3346791e6d282021-12-17 11:29:04.057root 11241100x800000000000000083957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fda9a63e03f637892021-12-17 11:29:04.057root 11241100x800000000000000083958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.678500392562207e2021-12-17 11:29:04.058root 11241100x800000000000000083959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4211d731ac24dccd2021-12-17 11:29:04.058root 11241100x800000000000000083960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2f2d438a25a34f12021-12-17 11:29:04.058root 11241100x800000000000000083961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d059ff2826501032021-12-17 11:29:04.058root 11241100x800000000000000083962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0caa58f137af39a2021-12-17 11:29:04.058root 11241100x800000000000000083963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.358722cc902f0f252021-12-17 11:29:04.058root 11241100x800000000000000083964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18737becc95081a92021-12-17 11:29:04.058root 11241100x800000000000000083965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc9e8c9de4d877762021-12-17 11:29:04.058root 11241100x800000000000000083966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.944177b2c41f225b2021-12-17 11:29:04.058root 11241100x800000000000000083967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c01740372f8e23b2021-12-17 11:29:04.058root 11241100x800000000000000083968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3eb63326997c11742021-12-17 11:29:04.058root 11241100x800000000000000083969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.341efbd4df12b7132021-12-17 11:29:04.058root 11241100x800000000000000083970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25a7bf51dc9388bd2021-12-17 11:29:04.556root 11241100x800000000000000083971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0749c37ce6b79ff82021-12-17 11:29:04.557root 11241100x800000000000000083972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.205ddfbabd7ad4e52021-12-17 11:29:04.557root 11241100x800000000000000083973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3477006e732140f62021-12-17 11:29:04.557root 11241100x800000000000000083974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5fdbe4c8c4fdcff2021-12-17 11:29:04.558root 11241100x800000000000000083975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76cedb45bc75cb482021-12-17 11:29:04.558root 11241100x800000000000000083976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64236d5b49cd9f6c2021-12-17 11:29:04.558root 11241100x800000000000000083977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25d5b42ab6aa10642021-12-17 11:29:04.558root 11241100x800000000000000083978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f66d5169969df6452021-12-17 11:29:04.558root 11241100x800000000000000083979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3e3535db288291e2021-12-17 11:29:04.558root 11241100x800000000000000083980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ec967bf64696f952021-12-17 11:29:04.558root 11241100x800000000000000083981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9342d32399d6d1cc2021-12-17 11:29:04.558root 11241100x800000000000000083982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4e29d303844e7f22021-12-17 11:29:04.558root 11241100x800000000000000083983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f9eccc3b09550942021-12-17 11:29:04.559root 11241100x800000000000000083984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffb778ba76c6ba1e2021-12-17 11:29:04.559root 11241100x800000000000000083985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d414d33666426b2e2021-12-17 11:29:04.559root 11241100x800000000000000083986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77743eb30b332b322021-12-17 11:29:04.559root 11241100x800000000000000083987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e21ab15ca4f70f92021-12-17 11:29:04.559root 11241100x800000000000000083988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56f2bb80577daf9e2021-12-17 11:29:04.559root 11241100x800000000000000083989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c187e9ddf1da77ba2021-12-17 11:29:04.559root 11241100x800000000000000083990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11ce20f5988f7f472021-12-17 11:29:04.559root 11241100x800000000000000083991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.417308d61fbe94402021-12-17 11:29:04.559root 11241100x800000000000000083992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f5c2ab5d0c996192021-12-17 11:29:04.559root 11241100x800000000000000083993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb714ebcbcbf0b422021-12-17 11:29:04.559root 11241100x800000000000000083994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7501bcda60b3ca7e2021-12-17 11:29:04.559root 11241100x800000000000000083995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8422d44e4126a4452021-12-17 11:29:04.559root 11241100x800000000000000083996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df8aede2936f78b02021-12-17 11:29:04.559root 11241100x800000000000000083997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:04.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59ddf39fa00c38332021-12-17 11:29:04.559root 11241100x800000000000000083998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed846ab5128c09072021-12-17 11:29:05.056root 11241100x800000000000000083999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.434cad7d2b3303d72021-12-17 11:29:05.057root 11241100x800000000000000084000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.816bc3373f8eace52021-12-17 11:29:05.057root 11241100x800000000000000084001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f02cff67943b00d2021-12-17 11:29:05.057root 11241100x800000000000000084002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d49fd9d2a78fec8d2021-12-17 11:29:05.057root 11241100x800000000000000084003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13f402abf64f408d2021-12-17 11:29:05.057root 11241100x800000000000000084004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83b49fe0762f1a5c2021-12-17 11:29:05.057root 11241100x800000000000000084005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3254111c1b77dacb2021-12-17 11:29:05.057root 11241100x800000000000000084006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bc28c56e4152fc92021-12-17 11:29:05.057root 11241100x800000000000000084007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd290091f5e46fc22021-12-17 11:29:05.057root 11241100x800000000000000084008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cff01299f32a8962021-12-17 11:29:05.058root 11241100x800000000000000084009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cab6127994821d4f2021-12-17 11:29:05.058root 11241100x800000000000000084010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.427b8f3cb00a6d8a2021-12-17 11:29:05.058root 11241100x800000000000000084011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dbba67f42b037752021-12-17 11:29:05.058root 11241100x800000000000000084012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b223a62497b607932021-12-17 11:29:05.058root 11241100x800000000000000084013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b9bfd1d92a0321a2021-12-17 11:29:05.058root 11241100x800000000000000084014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adb6bbf905cffff92021-12-17 11:29:05.058root 11241100x800000000000000084015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2448a9ab510997992021-12-17 11:29:05.058root 11241100x800000000000000084016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e1ca696fa389fed2021-12-17 11:29:05.058root 11241100x800000000000000084017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.623686d4a8e64fb52021-12-17 11:29:05.058root 11241100x800000000000000084018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3118ec69c5f0a5e32021-12-17 11:29:05.059root 11241100x800000000000000084019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dc2f19b5434f6aa2021-12-17 11:29:05.059root 11241100x800000000000000084020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18c7bfa5f04583912021-12-17 11:29:05.059root 11241100x800000000000000084021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44eb38aae5e934cc2021-12-17 11:29:05.059root 11241100x800000000000000084022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba8fc2b6b82c17772021-12-17 11:29:05.059root 354300x800000000000000084023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.226{ec28ba6a-70a3-61bc-5175-3a0400000000}5248/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-42984-false10.0.1.12-8000- 11241100x800000000000000084024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ac8cbea42013be42021-12-17 11:29:05.557root 11241100x800000000000000084025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.071ea4b709f21a092021-12-17 11:29:05.557root 11241100x800000000000000084026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f824bddfc5fac7432021-12-17 11:29:05.557root 11241100x800000000000000084027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65a9fb0e014bacc02021-12-17 11:29:05.557root 11241100x800000000000000084028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1a7278472abd9f32021-12-17 11:29:05.557root 11241100x800000000000000084029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50a66174a36a6da82021-12-17 11:29:05.557root 11241100x800000000000000084030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.151b04964b6967ad2021-12-17 11:29:05.558root 11241100x800000000000000084031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b542484399717812021-12-17 11:29:05.558root 11241100x800000000000000084032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a50a7c45f7822972021-12-17 11:29:05.558root 11241100x800000000000000084033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f080ce0bbdbc8542021-12-17 11:29:05.558root 11241100x800000000000000084034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6b241f5185037ab2021-12-17 11:29:05.558root 11241100x800000000000000084035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61481fbc9d54458b2021-12-17 11:29:05.558root 11241100x800000000000000084036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3eb15c54878524302021-12-17 11:29:05.558root 11241100x800000000000000084037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18cf135a7e51a9122021-12-17 11:29:05.558root 11241100x800000000000000084038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c42bcb95a09a243d2021-12-17 11:29:05.558root 11241100x800000000000000084039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71921b475f56483c2021-12-17 11:29:05.558root 11241100x800000000000000084040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.032a047e72b4cf122021-12-17 11:29:05.558root 11241100x800000000000000084041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22662b8a042b4c162021-12-17 11:29:05.558root 11241100x800000000000000084042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5567a511559e73752021-12-17 11:29:05.558root 11241100x800000000000000084043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27067c360f0905e02021-12-17 11:29:05.558root 11241100x800000000000000084044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1018fb234dfdbd332021-12-17 11:29:05.558root 11241100x800000000000000084045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16274d95c2c8ff7b2021-12-17 11:29:05.559root 11241100x800000000000000084046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd1492599d5003442021-12-17 11:29:05.559root 11241100x800000000000000084047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a50885fba9e8a4f2021-12-17 11:29:05.559root 11241100x800000000000000084048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e91e949e907eb96c2021-12-17 11:29:05.559root 11241100x800000000000000084049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:05.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ad557bce30cd17b2021-12-17 11:29:05.559root 11241100x800000000000000084050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edaf52b288e1ee6f2021-12-17 11:29:06.056root 11241100x800000000000000084051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdafebae3e2803202021-12-17 11:29:06.057root 11241100x800000000000000084052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfff9500192b7a652021-12-17 11:29:06.057root 11241100x800000000000000084053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1dc52aa13297c192021-12-17 11:29:06.057root 11241100x800000000000000084054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f2407ea1c27af082021-12-17 11:29:06.057root 11241100x800000000000000084055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e261bcd6da565c4a2021-12-17 11:29:06.058root 11241100x800000000000000084056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a303e3565a5eaa2b2021-12-17 11:29:06.058root 11241100x800000000000000084057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f22abc650141b77d2021-12-17 11:29:06.058root 11241100x800000000000000084058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1df8d9c0444ac6db2021-12-17 11:29:06.058root 11241100x800000000000000084059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dde98de6828056c82021-12-17 11:29:06.058root 11241100x800000000000000084060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14a2956e280c6dd52021-12-17 11:29:06.058root 11241100x800000000000000084061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97c60ddd19e1c82e2021-12-17 11:29:06.058root 11241100x800000000000000084062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec6b3279cd7336be2021-12-17 11:29:06.059root 11241100x800000000000000084063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28a1aceedcb6854a2021-12-17 11:29:06.059root 11241100x800000000000000084064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73600c759b867f1f2021-12-17 11:29:06.059root 11241100x800000000000000084065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e8f88cc65d37ebd2021-12-17 11:29:06.059root 11241100x800000000000000084066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad6cd3a0f2df4b302021-12-17 11:29:06.059root 11241100x800000000000000084067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.284ff0a8c7817b462021-12-17 11:29:06.060root 11241100x800000000000000084068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03bd82e97d7da5202021-12-17 11:29:06.060root 11241100x800000000000000084069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e473a53681e54a5f2021-12-17 11:29:06.061root 11241100x800000000000000084070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f6f562ae37db5152021-12-17 11:29:06.061root 11241100x800000000000000084071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04cb2e72a0dc92e82021-12-17 11:29:06.061root 11241100x800000000000000084072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05ec9bda951f307b2021-12-17 11:29:06.061root 11241100x800000000000000084073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a6ee1ee3d32cd3c2021-12-17 11:29:06.061root 11241100x800000000000000084074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af917c651bd48a162021-12-17 11:29:06.061root 11241100x800000000000000084075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c96f01ad706a09b2021-12-17 11:29:06.062root 11241100x800000000000000084076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a0beb2940926dd52021-12-17 11:29:06.062root 11241100x800000000000000084077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7319c997929c3a62021-12-17 11:29:06.062root 11241100x800000000000000084078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3f153f2e507434a2021-12-17 11:29:06.062root 11241100x800000000000000084079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f3364096cd2779c2021-12-17 11:29:06.557root 11241100x800000000000000084080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f16ffa8ed3922802021-12-17 11:29:06.557root 11241100x800000000000000084081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8206471ffc0f6122021-12-17 11:29:06.558root 11241100x800000000000000084082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc1dc1b9275d51e62021-12-17 11:29:06.558root 11241100x800000000000000084083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3d0b21f7c2000de2021-12-17 11:29:06.558root 11241100x800000000000000084084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1730fd38331bdbbf2021-12-17 11:29:06.558root 11241100x800000000000000084085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e6dfb9a1cf98e382021-12-17 11:29:06.558root 11241100x800000000000000084086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0fd306fa17fe53f2021-12-17 11:29:06.558root 11241100x800000000000000084087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7629a2eb969f557c2021-12-17 11:29:06.558root 11241100x800000000000000084088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5cfe4626a4018492021-12-17 11:29:06.558root 11241100x800000000000000084089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52bda3f0579a6dc12021-12-17 11:29:06.558root 11241100x800000000000000084090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c520d32e4c2b6f4d2021-12-17 11:29:06.559root 11241100x800000000000000084091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b182b5b9a88041bf2021-12-17 11:29:06.559root 11241100x800000000000000084092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.185fd49447e143f42021-12-17 11:29:06.559root 11241100x800000000000000084093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2636606797e82e462021-12-17 11:29:06.559root 11241100x800000000000000084094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94092de88eb20a822021-12-17 11:29:06.559root 11241100x800000000000000084095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9309e645cca0b0932021-12-17 11:29:06.559root 11241100x800000000000000084096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40a2f640ef233a822021-12-17 11:29:06.559root 11241100x800000000000000084097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e7f11ef498627ed2021-12-17 11:29:06.559root 11241100x800000000000000084098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.798f85eab54b0d1b2021-12-17 11:29:06.559root 11241100x800000000000000084099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e779d382e056fda82021-12-17 11:29:06.559root 11241100x800000000000000084100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.360caf4d8e9bc8622021-12-17 11:29:06.559root 11241100x800000000000000084101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c207779515b998d92021-12-17 11:29:06.559root 11241100x800000000000000084102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.186534ce9426f9c92021-12-17 11:29:06.559root 11241100x800000000000000084103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59019d8e915bd9702021-12-17 11:29:06.559root 11241100x800000000000000084104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ead7f8f6a3c468c02021-12-17 11:29:06.559root 11241100x800000000000000084105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2e2998ad95224ae2021-12-17 11:29:06.560root 11241100x800000000000000084106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2406e427a9fd44462021-12-17 11:29:06.560root 11241100x800000000000000084107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.013393f2755fbfa72021-12-17 11:29:06.560root 11241100x800000000000000084108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:06.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5570a2921c20b63a2021-12-17 11:29:06.560root 11241100x800000000000000084109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bb848a213cbdf012021-12-17 11:29:07.057root 11241100x800000000000000084110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72ab3cad4ce79b9d2021-12-17 11:29:07.057root 11241100x800000000000000084111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0ada23ed69d610f2021-12-17 11:29:07.057root 11241100x800000000000000084112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7c22c87260fc2712021-12-17 11:29:07.057root 11241100x800000000000000084113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74cb6652a7d2af122021-12-17 11:29:07.058root 11241100x800000000000000084114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a703e3e429e2a2b2021-12-17 11:29:07.058root 11241100x800000000000000084115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51c49ad6cc7dc7dc2021-12-17 11:29:07.058root 11241100x800000000000000084116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a61869d615fdf6a2021-12-17 11:29:07.058root 11241100x800000000000000084117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8643ae4eb177df452021-12-17 11:29:07.058root 11241100x800000000000000084118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a064e3686654bb2f2021-12-17 11:29:07.058root 11241100x800000000000000084119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc8b63eb1d07b13f2021-12-17 11:29:07.059root 11241100x800000000000000084120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ae4127ca70b3d5c2021-12-17 11:29:07.059root 11241100x800000000000000084121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da43448f592f1abd2021-12-17 11:29:07.059root 11241100x800000000000000084122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a819d0595af3f33c2021-12-17 11:29:07.059root 11241100x800000000000000084123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1af073fc027bbc702021-12-17 11:29:07.059root 11241100x800000000000000084124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ab4108a4ef814742021-12-17 11:29:07.059root 11241100x800000000000000084125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.903cc65528f67c2a2021-12-17 11:29:07.059root 11241100x800000000000000084126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.538ab87beb1c790f2021-12-17 11:29:07.059root 11241100x800000000000000084127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee2e6ce4d6250a862021-12-17 11:29:07.059root 11241100x800000000000000084128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c46b52e1b7e1455c2021-12-17 11:29:07.059root 11241100x800000000000000084129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9170ab1c4a56ff852021-12-17 11:29:07.060root 11241100x800000000000000084130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38bad00050f05fcb2021-12-17 11:29:07.060root 11241100x800000000000000084131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.782dd77f2f306ca62021-12-17 11:29:07.060root 11241100x800000000000000084132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d472d7b803c68e9a2021-12-17 11:29:07.060root 11241100x800000000000000084133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.262f41cd19031cf42021-12-17 11:29:07.060root 11241100x800000000000000084134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43eb93788ed501dc2021-12-17 11:29:07.060root 11241100x800000000000000084135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ec3bf9a7e6650a32021-12-17 11:29:07.557root 11241100x800000000000000084136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e2eb0f0295a536a2021-12-17 11:29:07.557root 11241100x800000000000000084137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffa251517d7612aa2021-12-17 11:29:07.557root 11241100x800000000000000084138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09f4b42aa51e4a542021-12-17 11:29:07.557root 11241100x800000000000000084139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa2b284d92e9a92f2021-12-17 11:29:07.558root 11241100x800000000000000084140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a03c0d3da14458ea2021-12-17 11:29:07.558root 11241100x800000000000000084141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f249743f1021ab52021-12-17 11:29:07.558root 11241100x800000000000000084142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d559efd23739ec452021-12-17 11:29:07.558root 11241100x800000000000000084143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e975fb894611db782021-12-17 11:29:07.558root 11241100x800000000000000084144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac509fb4a4e469592021-12-17 11:29:07.559root 11241100x800000000000000084145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.081b0bc29c3100682021-12-17 11:29:07.559root 11241100x800000000000000084146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d998e5d570a21ad2021-12-17 11:29:07.559root 11241100x800000000000000084147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2d849dd62f87f302021-12-17 11:29:07.559root 11241100x800000000000000084148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab4d01efd538f7f62021-12-17 11:29:07.559root 11241100x800000000000000084149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84ec2d5f5bfdae4c2021-12-17 11:29:07.559root 11241100x800000000000000084150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e075891e1d776db52021-12-17 11:29:07.559root 11241100x800000000000000084151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48fa40f35a5364b92021-12-17 11:29:07.560root 11241100x800000000000000084152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6c539d3549a3bf62021-12-17 11:29:07.560root 11241100x800000000000000084153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8697b99c68735d732021-12-17 11:29:07.560root 11241100x800000000000000084154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7230f68263d0f8a02021-12-17 11:29:07.560root 11241100x800000000000000084155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57fc9c24d2257a602021-12-17 11:29:07.560root 11241100x800000000000000084156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f91f7bea733c4682021-12-17 11:29:07.560root 11241100x800000000000000084157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93cb165455eff77c2021-12-17 11:29:07.560root 11241100x800000000000000084158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cf7be708fe3bb792021-12-17 11:29:07.560root 11241100x800000000000000084159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee22a7292b4c19602021-12-17 11:29:07.560root 11241100x800000000000000084160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:07.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e563c352a7f5b5ef2021-12-17 11:29:07.560root 11241100x800000000000000084161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da04e99ce894987c2021-12-17 11:29:08.057root 11241100x800000000000000084162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f53ea52eea8dd4492021-12-17 11:29:08.057root 11241100x800000000000000084163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f56e75fe060597e2021-12-17 11:29:08.057root 11241100x800000000000000084164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9bbe885dc00eab92021-12-17 11:29:08.057root 11241100x800000000000000084165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc87bcc412cfba512021-12-17 11:29:08.057root 11241100x800000000000000084166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c0a0829641c77272021-12-17 11:29:08.058root 11241100x800000000000000084167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b5710d6c5a7491f2021-12-17 11:29:08.058root 11241100x800000000000000084168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c89249a20113b572021-12-17 11:29:08.058root 11241100x800000000000000084169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dcdd7d16334240c2021-12-17 11:29:08.058root 11241100x800000000000000084170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81bdbff14b8bdeff2021-12-17 11:29:08.058root 11241100x800000000000000084171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da32bd2c3dd69c1f2021-12-17 11:29:08.058root 11241100x800000000000000084172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d587d5f359e0f99a2021-12-17 11:29:08.058root 11241100x800000000000000084173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b45a2090ae4b6f62021-12-17 11:29:08.058root 11241100x800000000000000084174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a67078a92bd68132021-12-17 11:29:08.058root 11241100x800000000000000084175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70510863e7656e662021-12-17 11:29:08.058root 11241100x800000000000000084176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4cc7d789b2155be2021-12-17 11:29:08.058root 11241100x800000000000000084177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecd68788f1db4ea62021-12-17 11:29:08.058root 11241100x800000000000000084178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cd2028d6c9afacd2021-12-17 11:29:08.058root 11241100x800000000000000084179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94b5c916387f69bf2021-12-17 11:29:08.058root 11241100x800000000000000084180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ba15188414fe9862021-12-17 11:29:08.058root 11241100x800000000000000084181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a5cb52e5c90ec9a2021-12-17 11:29:08.059root 11241100x800000000000000084182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.960f0861b4bdbda12021-12-17 11:29:08.059root 11241100x800000000000000084183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4321e7e08bf236d2021-12-17 11:29:08.059root 11241100x800000000000000084184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4b38ddbfeffde262021-12-17 11:29:08.059root 11241100x800000000000000084185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df478b2aa78c33ea2021-12-17 11:29:08.059root 11241100x800000000000000084186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4095670ce74cb48f2021-12-17 11:29:08.059root 11241100x800000000000000084187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00b7da4030d51fd22021-12-17 11:29:08.561root 11241100x800000000000000084188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8283165a82401d22021-12-17 11:29:08.561root 11241100x800000000000000084189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb28dfd285ba6d162021-12-17 11:29:08.561root 11241100x800000000000000084190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bf1dac7ec106a4a2021-12-17 11:29:08.561root 11241100x800000000000000084191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e0ccb0aac790ecc2021-12-17 11:29:08.561root 11241100x800000000000000084192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f15e26c3ab9e8002021-12-17 11:29:08.561root 11241100x800000000000000084193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29e2690f78275a1d2021-12-17 11:29:08.561root 11241100x800000000000000084194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a39599887f56fef62021-12-17 11:29:08.562root 11241100x800000000000000084195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc56bef046b8c2222021-12-17 11:29:08.562root 11241100x800000000000000084196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffad2752376bb1272021-12-17 11:29:08.562root 11241100x800000000000000084197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fe4d6a594f82c892021-12-17 11:29:08.562root 11241100x800000000000000084198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcc2675ab7480ed12021-12-17 11:29:08.562root 11241100x800000000000000084199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbae769984de9a372021-12-17 11:29:08.562root 11241100x800000000000000084200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74207c7a0244ffea2021-12-17 11:29:08.562root 11241100x800000000000000084201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.798da23b9c2323332021-12-17 11:29:08.562root 11241100x800000000000000084202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c41dabfd915ad65c2021-12-17 11:29:08.562root 11241100x800000000000000084203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.905a3df894b9dca62021-12-17 11:29:08.562root 11241100x800000000000000084204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.766eb7a6f42b470e2021-12-17 11:29:08.562root 11241100x800000000000000084205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dabac6a045ad68ed2021-12-17 11:29:08.562root 11241100x800000000000000084206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b86fc79e3f4ee8172021-12-17 11:29:08.562root 11241100x800000000000000084207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a22d0751ed0e0e232021-12-17 11:29:08.562root 11241100x800000000000000084208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53bc5fdc4c6e490d2021-12-17 11:29:08.562root 11241100x800000000000000084209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5bfdc186d501b172021-12-17 11:29:08.563root 11241100x800000000000000084210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.364df9fa1d955c572021-12-17 11:29:08.563root 11241100x800000000000000084211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e26d83576e743c52021-12-17 11:29:08.563root 11241100x800000000000000084212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:08.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fff0c2cac47875242021-12-17 11:29:08.563root 11241100x800000000000000084213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd468a72aa07ff0b2021-12-17 11:29:09.056root 11241100x800000000000000084214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebbd1648fd1a5bfa2021-12-17 11:29:09.057root 11241100x800000000000000084215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f8791674096d6562021-12-17 11:29:09.057root 11241100x800000000000000084216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecdd1e69f0e264482021-12-17 11:29:09.057root 11241100x800000000000000084217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d75e933e1fddc5e12021-12-17 11:29:09.057root 11241100x800000000000000084218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a98ee5aa58229f7d2021-12-17 11:29:09.057root 11241100x800000000000000084219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8db04cffa8bf9d4a2021-12-17 11:29:09.057root 11241100x800000000000000084220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca6c1ecab56ba05b2021-12-17 11:29:09.057root 11241100x800000000000000084221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0ac15e59e7a454d2021-12-17 11:29:09.057root 11241100x800000000000000084222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d0bd1d760a2c14a2021-12-17 11:29:09.057root 11241100x800000000000000084223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f9e1b322bc793a02021-12-17 11:29:09.057root 11241100x800000000000000084224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c782ae1e8d63ac462021-12-17 11:29:09.057root 11241100x800000000000000084225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.614f62f3712f89b02021-12-17 11:29:09.057root 11241100x800000000000000084226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a01d412b388ae2c2021-12-17 11:29:09.057root 11241100x800000000000000084227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41fccf953f547d642021-12-17 11:29:09.057root 11241100x800000000000000084228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad539479795448d92021-12-17 11:29:09.057root 11241100x800000000000000084229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63669692d36d1b712021-12-17 11:29:09.058root 11241100x800000000000000084230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.998e664e150e570e2021-12-17 11:29:09.058root 11241100x800000000000000084231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e1e59f8ff8097d92021-12-17 11:29:09.058root 11241100x800000000000000084232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a9a062471c2a99f2021-12-17 11:29:09.058root 11241100x800000000000000084233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7941f1a7807b8e682021-12-17 11:29:09.058root 11241100x800000000000000084234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7ca919f7ecd7f242021-12-17 11:29:09.058root 11241100x800000000000000084235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e534e5b8c2064a042021-12-17 11:29:09.058root 11241100x800000000000000084236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18896468dcd98f1c2021-12-17 11:29:09.058root 11241100x800000000000000084237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4d4630c06e520582021-12-17 11:29:09.058root 11241100x800000000000000084238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94a96e31bab98a992021-12-17 11:29:09.058root 11241100x800000000000000084239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93321bd960f934fe2021-12-17 11:29:09.058root 11241100x800000000000000084240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ca6c9c7aab9fd9e2021-12-17 11:29:09.557root 11241100x800000000000000084241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef662aa1f4845a282021-12-17 11:29:09.557root 11241100x800000000000000084242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9619f288015e6ec12021-12-17 11:29:09.557root 11241100x800000000000000084243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d5678114bf9d6862021-12-17 11:29:09.557root 11241100x800000000000000084244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89e5144fb7a4f39b2021-12-17 11:29:09.557root 11241100x800000000000000084245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c86c11f7982394fd2021-12-17 11:29:09.557root 11241100x800000000000000084246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.316949878e98fa232021-12-17 11:29:09.557root 11241100x800000000000000084247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23c006f91b7969b62021-12-17 11:29:09.557root 11241100x800000000000000084248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5717d6dff91cfe782021-12-17 11:29:09.558root 11241100x800000000000000084249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.144e1f2e6a36f3f92021-12-17 11:29:09.558root 11241100x800000000000000084250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27d3f2ad800451b92021-12-17 11:29:09.558root 11241100x800000000000000084251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.516e81e6b28709372021-12-17 11:29:09.558root 11241100x800000000000000084252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6576a200374d7bdf2021-12-17 11:29:09.558root 11241100x800000000000000084253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0076cf3844ff92072021-12-17 11:29:09.558root 11241100x800000000000000084254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37aee85716c7056a2021-12-17 11:29:09.558root 11241100x800000000000000084255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2419cfbcc5ecab0e2021-12-17 11:29:09.558root 11241100x800000000000000084256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.420fb3a4a1ee5f4d2021-12-17 11:29:09.558root 11241100x800000000000000084257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.101529518efe0f502021-12-17 11:29:09.558root 11241100x800000000000000084258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7e4110d2a59555a2021-12-17 11:29:09.558root 11241100x800000000000000084259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18bed4032f70b6682021-12-17 11:29:09.559root 11241100x800000000000000084260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6fb273d506cdde52021-12-17 11:29:09.559root 11241100x800000000000000084261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fde600b325d495b2021-12-17 11:29:09.559root 11241100x800000000000000084262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10534648935887722021-12-17 11:29:09.559root 11241100x800000000000000084263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be6d4693215a0cda2021-12-17 11:29:09.559root 11241100x800000000000000084264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffa331e23baa2d342021-12-17 11:29:09.559root 11241100x800000000000000084265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:09.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf57f54685737e152021-12-17 11:29:09.559root 11241100x800000000000000084266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd716812f5ee888f2021-12-17 11:29:10.057root 11241100x800000000000000084267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48774d17b8804dee2021-12-17 11:29:10.057root 11241100x800000000000000084268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6be2fb0f490145932021-12-17 11:29:10.057root 11241100x800000000000000084269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fe439a5347ccc012021-12-17 11:29:10.057root 11241100x800000000000000084270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.083677c615ea579a2021-12-17 11:29:10.057root 11241100x800000000000000084271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdf3a8922e04e18b2021-12-17 11:29:10.057root 11241100x800000000000000084272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1b77a0efe2754df2021-12-17 11:29:10.057root 11241100x800000000000000084273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b5a2d4640d884a42021-12-17 11:29:10.057root 11241100x800000000000000084274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdc8fa4fd516e2ac2021-12-17 11:29:10.057root 11241100x800000000000000084275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c5d91d9aa80bdaf2021-12-17 11:29:10.057root 11241100x800000000000000084276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d0e9fd61fd270892021-12-17 11:29:10.057root 11241100x800000000000000084277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f5aae3588a08feb2021-12-17 11:29:10.057root 11241100x800000000000000084278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78a365045a8e240c2021-12-17 11:29:10.057root 11241100x800000000000000084279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc8fdba760ef124f2021-12-17 11:29:10.058root 11241100x800000000000000084280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc84c40c1dce7dd22021-12-17 11:29:10.058root 11241100x800000000000000084281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abbd9c528ccf06a42021-12-17 11:29:10.058root 11241100x800000000000000084282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a29e18c31c6e43502021-12-17 11:29:10.058root 11241100x800000000000000084283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5720fc7ffda29c662021-12-17 11:29:10.058root 11241100x800000000000000084284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca516bfb0bc00d322021-12-17 11:29:10.058root 11241100x800000000000000084285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96c80886313b07a22021-12-17 11:29:10.058root 11241100x800000000000000084286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f8f3682831482792021-12-17 11:29:10.058root 11241100x800000000000000084287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d85d960c81774be82021-12-17 11:29:10.058root 11241100x800000000000000084288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.295c67aec63059852021-12-17 11:29:10.058root 11241100x800000000000000084289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e58366aae88b48a42021-12-17 11:29:10.058root 11241100x800000000000000084290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6770f357efb1374c2021-12-17 11:29:10.058root 11241100x800000000000000084291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca0b1752706f8bf02021-12-17 11:29:10.058root 11241100x800000000000000084292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5faf3b60b9885082021-12-17 11:29:10.557root 11241100x800000000000000084293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02fef5aa0bd12c3a2021-12-17 11:29:10.557root 11241100x800000000000000084294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fb32581115f12802021-12-17 11:29:10.557root 11241100x800000000000000084295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60e24ed8d9199f5b2021-12-17 11:29:10.557root 11241100x800000000000000084296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dc822db22d550d82021-12-17 11:29:10.557root 11241100x800000000000000084297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b24251478d56ad852021-12-17 11:29:10.557root 11241100x800000000000000084298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cae9148071f89a5c2021-12-17 11:29:10.557root 11241100x800000000000000084299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c27be28362516052021-12-17 11:29:10.558root 11241100x800000000000000084300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c63bc4cbeaa0c8a2021-12-17 11:29:10.558root 11241100x800000000000000084301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40443157c804ecda2021-12-17 11:29:10.558root 11241100x800000000000000084302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9703c9d69b3ee6cd2021-12-17 11:29:10.558root 11241100x800000000000000084303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.279ea93057be28492021-12-17 11:29:10.558root 11241100x800000000000000084304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db95eae4d7d7c19c2021-12-17 11:29:10.558root 11241100x800000000000000084305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47c3193a243c67d72021-12-17 11:29:10.558root 11241100x800000000000000084306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d1445e307d22dc12021-12-17 11:29:10.558root 11241100x800000000000000084307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f18f7563ad55ed6f2021-12-17 11:29:10.558root 11241100x800000000000000084308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f3afd9d92f33fe62021-12-17 11:29:10.558root 11241100x800000000000000084309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dea414538f2d4d52021-12-17 11:29:10.558root 11241100x800000000000000084310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c56afb74c2a31ac22021-12-17 11:29:10.558root 11241100x800000000000000084311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b3bf5a0d24d1ca72021-12-17 11:29:10.558root 11241100x800000000000000084312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e00e1d53370c60e62021-12-17 11:29:10.558root 11241100x800000000000000084313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24107e835412d7762021-12-17 11:29:10.558root 11241100x800000000000000084314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b766fd8aa4dd49482021-12-17 11:29:10.559root 11241100x800000000000000084315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abc642f2eb546ced2021-12-17 11:29:10.559root 11241100x800000000000000084316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e63e6cd0e1c49a52021-12-17 11:29:10.559root 11241100x800000000000000084317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:10.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.704ebcd6bfe4d1d62021-12-17 11:29:10.559root 11241100x800000000000000084318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad6ce26869b63f462021-12-17 11:29:11.057root 11241100x800000000000000084319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23e3ed3c1539d09a2021-12-17 11:29:11.057root 11241100x800000000000000084320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00c8f9cf2e5776b32021-12-17 11:29:11.057root 11241100x800000000000000084321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe74960af7e0ab452021-12-17 11:29:11.057root 11241100x800000000000000084322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04c02ad4c45186f62021-12-17 11:29:11.057root 11241100x800000000000000084323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60a07f54721204fd2021-12-17 11:29:11.057root 11241100x800000000000000084324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a38ca67bcc846c92021-12-17 11:29:11.057root 11241100x800000000000000084325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.744f78f41a1489572021-12-17 11:29:11.057root 11241100x800000000000000084326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3395e8921baea4822021-12-17 11:29:11.057root 11241100x800000000000000084327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88d70a9d601d0d172021-12-17 11:29:11.057root 11241100x800000000000000084328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64dee0b3fc5c5c842021-12-17 11:29:11.058root 11241100x800000000000000084329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4635df0c70cd5ce02021-12-17 11:29:11.058root 11241100x800000000000000084330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c584b311726fd3562021-12-17 11:29:11.058root 11241100x800000000000000084331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7496b9217c678722021-12-17 11:29:11.058root 11241100x800000000000000084332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fadfd40dd9cca1c2021-12-17 11:29:11.058root 11241100x800000000000000084333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4273e9f3d9da1ef52021-12-17 11:29:11.058root 11241100x800000000000000084334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40182211d76e2e5b2021-12-17 11:29:11.058root 11241100x800000000000000084335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.722207d24db2b04a2021-12-17 11:29:11.058root 11241100x800000000000000084336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12735c9257172d5a2021-12-17 11:29:11.058root 11241100x800000000000000084337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2dad32e785c95cb2021-12-17 11:29:11.058root 11241100x800000000000000084338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4800a09be4913f342021-12-17 11:29:11.058root 11241100x800000000000000084339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6555f8a40bf936c2021-12-17 11:29:11.058root 11241100x800000000000000084340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3c7f80a168b3f432021-12-17 11:29:11.058root 11241100x800000000000000084341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4427bc0ce4958fc2021-12-17 11:29:11.058root 11241100x800000000000000084342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b073c7e1a9ed5aa72021-12-17 11:29:11.058root 11241100x800000000000000084343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0facaf435c75ca7e2021-12-17 11:29:11.059root 354300x800000000000000084344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.199{ec28ba6a-70a3-61bc-5175-3a0400000000}5248/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-42986-false10.0.1.12-8000- 11241100x800000000000000084345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c949a7115176656b2021-12-17 11:29:11.556root 11241100x800000000000000084346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5d750c2a40a686d2021-12-17 11:29:11.557root 11241100x800000000000000084347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78358f29a3d3b03f2021-12-17 11:29:11.557root 11241100x800000000000000084348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4579e7ac7f7eeeb2021-12-17 11:29:11.557root 11241100x800000000000000084349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d3a03298b661a052021-12-17 11:29:11.557root 11241100x800000000000000084350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ff20ee8356f6af82021-12-17 11:29:11.557root 11241100x800000000000000084351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed2896d4729818412021-12-17 11:29:11.557root 11241100x800000000000000084352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a5ba36dc85496432021-12-17 11:29:11.557root 11241100x800000000000000084353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51c4ce6921c8d6742021-12-17 11:29:11.557root 11241100x800000000000000084354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bca573eddd6a09d72021-12-17 11:29:11.558root 11241100x800000000000000084355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f083604835816ca2021-12-17 11:29:11.558root 11241100x800000000000000084356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cf72e4182942fd72021-12-17 11:29:11.558root 11241100x800000000000000084357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d004b830f5243bb2021-12-17 11:29:11.558root 11241100x800000000000000084358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f549ab10ae9dc4612021-12-17 11:29:11.558root 11241100x800000000000000084359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77713d323b7de1d62021-12-17 11:29:11.558root 11241100x800000000000000084360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c4171069b1f6f372021-12-17 11:29:11.558root 11241100x800000000000000084361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.958499c4eacaf46f2021-12-17 11:29:11.558root 11241100x800000000000000084362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc4bb72e19b928d92021-12-17 11:29:11.558root 11241100x800000000000000084363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.add732e4da45c6042021-12-17 11:29:11.558root 11241100x800000000000000084364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c54d570b8695bd392021-12-17 11:29:11.558root 11241100x800000000000000084365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b755a0eab6aa607c2021-12-17 11:29:11.558root 11241100x800000000000000084366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e069da8cf4c7dd12021-12-17 11:29:11.558root 11241100x800000000000000084367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fb3eac453005c092021-12-17 11:29:11.558root 11241100x800000000000000084368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17af7f7cba74ba1e2021-12-17 11:29:11.558root 11241100x800000000000000084369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58b3f9867e5082672021-12-17 11:29:11.559root 11241100x800000000000000084370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cecbdc51ae4b695b2021-12-17 11:29:11.559root 11241100x800000000000000084371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02af5e0d055a134a2021-12-17 11:29:11.559root 11241100x800000000000000084372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10d2659c0c7e72ee2021-12-17 11:29:11.559root 11241100x800000000000000084373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9db71115ab0841a62021-12-17 11:29:11.559root 11241100x800000000000000084374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:11.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ca18092316d97962021-12-17 11:29:11.559root 11241100x800000000000000084375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d02caa8b28bd9552021-12-17 11:29:12.056root 11241100x800000000000000084376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e736809f40dc856d2021-12-17 11:29:12.057root 11241100x800000000000000084377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e420d611a51c2e52021-12-17 11:29:12.057root 11241100x800000000000000084378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4c0eb45bf1b633c2021-12-17 11:29:12.057root 11241100x800000000000000084379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5af258589483513f2021-12-17 11:29:12.057root 11241100x800000000000000084380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46f3cb266486331c2021-12-17 11:29:12.058root 11241100x800000000000000084381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3629d75ec59a066f2021-12-17 11:29:12.058root 11241100x800000000000000084382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5e5c469e5c755942021-12-17 11:29:12.058root 11241100x800000000000000084383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5df8b89d1ccc15422021-12-17 11:29:12.058root 11241100x800000000000000084384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97e6ba2d1ef9981d2021-12-17 11:29:12.058root 11241100x800000000000000084385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e10bf81562bb65c62021-12-17 11:29:12.058root 11241100x800000000000000084386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10b942a69f8232392021-12-17 11:29:12.059root 11241100x800000000000000084387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5965f9304577e6322021-12-17 11:29:12.059root 11241100x800000000000000084388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25963086568a7d142021-12-17 11:29:12.059root 11241100x800000000000000084389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b54934163ee6eb12021-12-17 11:29:12.059root 11241100x800000000000000084390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ce3809d5e6d33e62021-12-17 11:29:12.059root 11241100x800000000000000084391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81477cc6d2f0c5562021-12-17 11:29:12.059root 11241100x800000000000000084392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a357de7149994102021-12-17 11:29:12.060root 11241100x800000000000000084393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5790a6454c7526c22021-12-17 11:29:12.060root 11241100x800000000000000084394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7fb70c3d5aa69a72021-12-17 11:29:12.060root 11241100x800000000000000084395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2c69f238a68684a2021-12-17 11:29:12.060root 11241100x800000000000000084396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d170b9c07b524192021-12-17 11:29:12.060root 11241100x800000000000000084397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbc63f136825f62f2021-12-17 11:29:12.061root 11241100x800000000000000084398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be24ce89f9c32c612021-12-17 11:29:12.061root 11241100x800000000000000084399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b4584b6ac34fa432021-12-17 11:29:12.061root 11241100x800000000000000084400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8444830bc7f40e92021-12-17 11:29:12.061root 11241100x800000000000000084401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57e41aa7dd54d8c72021-12-17 11:29:12.061root 11241100x800000000000000084402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53c632b328ce7d1b2021-12-17 11:29:12.061root 11241100x800000000000000084403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a52c24c2e8c5b8872021-12-17 11:29:12.061root 11241100x800000000000000084404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.245355d4956331f92021-12-17 11:29:12.062root 11241100x800000000000000084405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af4ec71eefbb2bbf2021-12-17 11:29:12.557root 11241100x800000000000000084406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6985c8c8b32e59f92021-12-17 11:29:12.557root 11241100x800000000000000084407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab42ad0ffa3506672021-12-17 11:29:12.558root 11241100x800000000000000084408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ba90bdf28b24b1a2021-12-17 11:29:12.558root 11241100x800000000000000084409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79a619e121e75f522021-12-17 11:29:12.558root 11241100x800000000000000084410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.063598ea624864ac2021-12-17 11:29:12.558root 11241100x800000000000000084411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b129a1fae4aed1e02021-12-17 11:29:12.559root 11241100x800000000000000084412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07cce2e12287844a2021-12-17 11:29:12.559root 11241100x800000000000000084413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4af0a4ebe1d1edb92021-12-17 11:29:12.559root 11241100x800000000000000084414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.806eb09aacc198102021-12-17 11:29:12.559root 11241100x800000000000000084415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19e25945c04496f32021-12-17 11:29:12.559root 11241100x800000000000000084416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7acce65f0f03992f2021-12-17 11:29:12.559root 11241100x800000000000000084417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c61f78e2706827242021-12-17 11:29:12.559root 11241100x800000000000000084418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37e04ee80c0060792021-12-17 11:29:12.559root 11241100x800000000000000084419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c94e55e2ab0e7fec2021-12-17 11:29:12.560root 11241100x800000000000000084420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5de35d09ca9e7652021-12-17 11:29:12.560root 11241100x800000000000000084421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee23c1ca78630e792021-12-17 11:29:12.560root 11241100x800000000000000084422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78bd04b0e1aaa8a42021-12-17 11:29:12.560root 11241100x800000000000000084423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dccfde03c18076b52021-12-17 11:29:12.560root 11241100x800000000000000084424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05e3e958c8e4bc182021-12-17 11:29:12.560root 11241100x800000000000000084425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e88c9aaa8003a6e62021-12-17 11:29:12.560root 11241100x800000000000000084426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75068d011748a24c2021-12-17 11:29:12.560root 11241100x800000000000000084427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f43979996eb1b8c2021-12-17 11:29:12.560root 11241100x800000000000000084428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f2c66cb171b0bdc2021-12-17 11:29:12.560root 11241100x800000000000000084429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5242cf1b98e8e38d2021-12-17 11:29:12.561root 11241100x800000000000000084430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01b6bc18b4ded5bb2021-12-17 11:29:12.561root 11241100x800000000000000084431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:12.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cabf484ba34162a32021-12-17 11:29:12.561root 11241100x800000000000000084432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d62b6671267cf1652021-12-17 11:29:13.057root 11241100x800000000000000084433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc075630d46bc24f2021-12-17 11:29:13.057root 11241100x800000000000000084434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e56046bbf45954f2021-12-17 11:29:13.057root 11241100x800000000000000084435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.255d128f329c3fdb2021-12-17 11:29:13.057root 11241100x800000000000000084436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b40940ce35a51802021-12-17 11:29:13.058root 11241100x800000000000000084437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cefe7b95ada902d2021-12-17 11:29:13.058root 11241100x800000000000000084438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77a6ee8c94d0230b2021-12-17 11:29:13.058root 11241100x800000000000000084439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3965fff952946b192021-12-17 11:29:13.058root 11241100x800000000000000084440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e750e453791278e82021-12-17 11:29:13.058root 11241100x800000000000000084441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22e81a9c630da86b2021-12-17 11:29:13.058root 11241100x800000000000000084442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4757614730af22c92021-12-17 11:29:13.058root 11241100x800000000000000084443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bd26a93a248f7ef2021-12-17 11:29:13.058root 11241100x800000000000000084444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b392e926602a3f62021-12-17 11:29:13.058root 11241100x800000000000000084445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.170a7e8ffad4fdf82021-12-17 11:29:13.058root 11241100x800000000000000084446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8213755bb1a60a882021-12-17 11:29:13.058root 11241100x800000000000000084447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30bdff737fcb6cf92021-12-17 11:29:13.058root 11241100x800000000000000084448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6c0d92a5cf1dd192021-12-17 11:29:13.058root 11241100x800000000000000084449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6353e93fb66b48112021-12-17 11:29:13.058root 11241100x800000000000000084450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.901c7389fdfba7d92021-12-17 11:29:13.059root 11241100x800000000000000084451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f8459c128ef8ebf2021-12-17 11:29:13.059root 11241100x800000000000000084452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5f7ac4997506e9c2021-12-17 11:29:13.059root 11241100x800000000000000084453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcb6cb746b60bc362021-12-17 11:29:13.059root 11241100x800000000000000084454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.473163197e59822d2021-12-17 11:29:13.059root 11241100x800000000000000084455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35fa3cb6ab02c63b2021-12-17 11:29:13.059root 11241100x800000000000000084456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84af7c0aad9a78ae2021-12-17 11:29:13.059root 11241100x800000000000000084457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85b635bbdf5b3d192021-12-17 11:29:13.059root 11241100x800000000000000084458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd12d3005271aad92021-12-17 11:29:13.059root 11241100x800000000000000084459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ff051ffb600cf5e2021-12-17 11:29:13.059root 11241100x800000000000000084460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c37ce14875801c562021-12-17 11:29:13.059root 11241100x800000000000000084461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef6dac4b7ba47b3e2021-12-17 11:29:13.059root 11241100x800000000000000084462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b0efb1cfaa14ad62021-12-17 11:29:13.059root 11241100x800000000000000084463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80ef830db94326cb2021-12-17 11:29:13.059root 11241100x800000000000000084464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab542b9961171ddb2021-12-17 11:29:13.059root 11241100x800000000000000084465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd76394bde2a4ed62021-12-17 11:29:13.060root 11241100x800000000000000084466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f35f07aaff258c32021-12-17 11:29:13.060root 11241100x800000000000000084467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35e74f8c4dcd30c12021-12-17 11:29:13.060root 11241100x800000000000000084468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dae7cf893184b222021-12-17 11:29:13.060root 11241100x800000000000000084469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79e2f6b9b4618b032021-12-17 11:29:13.060root 11241100x800000000000000084470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.929f2ad1a4bd3bc02021-12-17 11:29:13.060root 11241100x800000000000000084471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d80c8db88c747db2021-12-17 11:29:13.060root 11241100x800000000000000084472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66daed5d50d4306f2021-12-17 11:29:13.060root 11241100x800000000000000084473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd1cea7188def6ea2021-12-17 11:29:13.557root 11241100x800000000000000084474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23fbd2a008e996df2021-12-17 11:29:13.557root 11241100x800000000000000084475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2de59e5f060d7b8e2021-12-17 11:29:13.557root 11241100x800000000000000084476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c46b176b55ff344a2021-12-17 11:29:13.557root 11241100x800000000000000084477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8df61b5c77e356e2021-12-17 11:29:13.557root 11241100x800000000000000084478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dcc7bf778e92c712021-12-17 11:29:13.557root 11241100x800000000000000084479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97e5fecf344013102021-12-17 11:29:13.557root 11241100x800000000000000084480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c3fe38a89f03c922021-12-17 11:29:13.557root 11241100x800000000000000084481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09f082d037448ed02021-12-17 11:29:13.558root 11241100x800000000000000084482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11140e596270d2452021-12-17 11:29:13.558root 11241100x800000000000000084483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a499f2ab7b0976ba2021-12-17 11:29:13.558root 11241100x800000000000000084484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76dbffcca393f3e72021-12-17 11:29:13.558root 11241100x800000000000000084485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca9699d9910ba14e2021-12-17 11:29:13.558root 11241100x800000000000000084486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61b9b7fcac3b02132021-12-17 11:29:13.558root 11241100x800000000000000084487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd8a4b18375ba19d2021-12-17 11:29:13.558root 11241100x800000000000000084488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c26474d335f10b82021-12-17 11:29:13.558root 11241100x800000000000000084489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2de4cd1cad016aa2021-12-17 11:29:13.558root 11241100x800000000000000084490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62a6d42b01701e342021-12-17 11:29:13.558root 11241100x800000000000000084491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4005903085905652021-12-17 11:29:13.558root 11241100x800000000000000084492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bd0307c6ee104782021-12-17 11:29:13.558root 11241100x800000000000000084493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2a8b2ecddb9424f2021-12-17 11:29:13.558root 11241100x800000000000000084494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0254f27668b0e4f92021-12-17 11:29:13.558root 11241100x800000000000000084495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c55a8df5549bf8c2021-12-17 11:29:13.559root 11241100x800000000000000084496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddeb3bb5b1e4f7a72021-12-17 11:29:13.559root 11241100x800000000000000084497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.833645b64c501e872021-12-17 11:29:13.559root 11241100x800000000000000084498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d81d74a3284ca0e32021-12-17 11:29:13.559root 11241100x800000000000000084499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:13.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74b0b526b9dc942c2021-12-17 11:29:13.559root 11241100x800000000000000084500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a9a976089119efe2021-12-17 11:29:14.056root 11241100x800000000000000084501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6c508005d99e6052021-12-17 11:29:14.056root 11241100x800000000000000084502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.022dd66d0ea92a8c2021-12-17 11:29:14.056root 11241100x800000000000000084503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eeabf2916aea8f182021-12-17 11:29:14.056root 11241100x800000000000000084504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aba89e645ea7b90d2021-12-17 11:29:14.057root 11241100x800000000000000084505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb8ae5a75931c27e2021-12-17 11:29:14.057root 11241100x800000000000000084506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bca1046ed0c2ee02021-12-17 11:29:14.057root 11241100x800000000000000084507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5225cafce10ca8982021-12-17 11:29:14.057root 11241100x800000000000000084508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3885fa11b807052a2021-12-17 11:29:14.057root 11241100x800000000000000084509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.249833ef4cbfe0ee2021-12-17 11:29:14.057root 11241100x800000000000000084510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd51088b8d249f512021-12-17 11:29:14.057root 11241100x800000000000000084511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.390a9e432937aa072021-12-17 11:29:14.057root 11241100x800000000000000084512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac01ccfb947c56132021-12-17 11:29:14.057root 11241100x800000000000000084513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.293f2054856d450d2021-12-17 11:29:14.057root 11241100x800000000000000084514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d6d0b3e3739f78f2021-12-17 11:29:14.057root 11241100x800000000000000084515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14c62455e67b036a2021-12-17 11:29:14.057root 11241100x800000000000000084516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc932a61ea2af4262021-12-17 11:29:14.057root 11241100x800000000000000084517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dcb861ef66fbc9b2021-12-17 11:29:14.057root 11241100x800000000000000084518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d552922ef9b0fe92021-12-17 11:29:14.058root 11241100x800000000000000084519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07f8022ed5a7d9b02021-12-17 11:29:14.058root 11241100x800000000000000084520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.200af6cb7acf0f1f2021-12-17 11:29:14.058root 11241100x800000000000000084521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd6224f8d7eadcde2021-12-17 11:29:14.058root 11241100x800000000000000084522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.547968be0a736b1b2021-12-17 11:29:14.058root 11241100x800000000000000084523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a112d72dea196c62021-12-17 11:29:14.058root 11241100x800000000000000084524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1c3264e3a1012472021-12-17 11:29:14.058root 11241100x800000000000000084525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b65b1827fd7147cd2021-12-17 11:29:14.058root 11241100x800000000000000084526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbbed483bbbbb5862021-12-17 11:29:14.058root 11241100x800000000000000084527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64ef5987113fd5f42021-12-17 11:29:14.058root 11241100x800000000000000084528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3fd16e4f2ba370b2021-12-17 11:29:14.058root 11241100x800000000000000084529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.120da804207ed1d22021-12-17 11:29:14.058root 11241100x800000000000000084530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.372464ab774dbc3a2021-12-17 11:29:14.058root 11241100x800000000000000084531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cd261548c25c2f82021-12-17 11:29:14.058root 11241100x800000000000000084532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c88a3d907392de92021-12-17 11:29:14.058root 11241100x800000000000000084533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfbdb582dac1cf1b2021-12-17 11:29:14.059root 11241100x800000000000000084534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7eaefe536d4ed66c2021-12-17 11:29:14.059root 11241100x800000000000000084535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7be843d3ff64e7052021-12-17 11:29:14.556root 11241100x800000000000000084536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da09546697eebf452021-12-17 11:29:14.556root 11241100x800000000000000084537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0d13f7de0c446472021-12-17 11:29:14.556root 11241100x800000000000000084538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41d3f731aa3710b22021-12-17 11:29:14.557root 11241100x800000000000000084539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8eb660cb8cdcd992021-12-17 11:29:14.557root 11241100x800000000000000084540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.850bc50d146ba9922021-12-17 11:29:14.557root 11241100x800000000000000084541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb2af63868ee8aa02021-12-17 11:29:14.557root 11241100x800000000000000084542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc58cd0437f1d21c2021-12-17 11:29:14.557root 11241100x800000000000000084543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b5e629fc2f92fb72021-12-17 11:29:14.557root 11241100x800000000000000084544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ab9a479f27c7f702021-12-17 11:29:14.557root 11241100x800000000000000084545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14ef14e998a877db2021-12-17 11:29:14.557root 11241100x800000000000000084546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1f10dec5754c8442021-12-17 11:29:14.557root 11241100x800000000000000084547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.008022e2e02bfc8f2021-12-17 11:29:14.557root 11241100x800000000000000084548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac5c91c361c1f0452021-12-17 11:29:14.557root 11241100x800000000000000084549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fc09c7f30a0491f2021-12-17 11:29:14.557root 11241100x800000000000000084550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b34a5922db687a6c2021-12-17 11:29:14.557root 11241100x800000000000000084551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cc3d4d6f9e528fc2021-12-17 11:29:14.557root 11241100x800000000000000084552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a25cabc1affe3952021-12-17 11:29:14.557root 11241100x800000000000000084553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49092ceb2bc66fe12021-12-17 11:29:14.557root 11241100x800000000000000084554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b13e1428deaf04a82021-12-17 11:29:14.558root 11241100x800000000000000084555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cfa2e384d24a0a92021-12-17 11:29:14.558root 11241100x800000000000000084556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8596a174ac72d8972021-12-17 11:29:14.558root 11241100x800000000000000084557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e505eac54639d50b2021-12-17 11:29:14.558root 11241100x800000000000000084558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78d98569c06f44aa2021-12-17 11:29:14.558root 11241100x800000000000000084559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61d5285e66f23b932021-12-17 11:29:14.558root 11241100x800000000000000084560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0bdd3497066927f2021-12-17 11:29:14.558root 11241100x800000000000000084561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89be285d8dfa94202021-12-17 11:29:14.558root 11241100x800000000000000084562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.495861cb8f9d130e2021-12-17 11:29:14.558root 11241100x800000000000000084563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8f047251079ba0a2021-12-17 11:29:14.558root 11241100x800000000000000084564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02f55eddf6fedd502021-12-17 11:29:14.558root 11241100x800000000000000084565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9abd75a9ecfbba32021-12-17 11:29:14.559root 11241100x800000000000000084566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b99f5f758bb26ce12021-12-17 11:29:14.559root 11241100x800000000000000084567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8870ef7c107d6222021-12-17 11:29:14.559root 11241100x800000000000000084568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd4e10ecf891a18c2021-12-17 11:29:14.559root 11241100x800000000000000084569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f98bbaf014f1d42e2021-12-17 11:29:14.559root 11241100x800000000000000084570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3366b643a1c8f0e72021-12-17 11:29:14.559root 11241100x800000000000000084571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2888579d8d4b49532021-12-17 11:29:14.559root 11241100x800000000000000084572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b0faeede5a122a82021-12-17 11:29:14.559root 11241100x800000000000000084573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:14.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddc90060d31bb37a2021-12-17 11:29:14.559root 11241100x800000000000000084574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a316905cae951a82021-12-17 11:29:15.056root 11241100x800000000000000084575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4507663bee3622742021-12-17 11:29:15.056root 11241100x800000000000000084576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6d9e92df5f5aa652021-12-17 11:29:15.056root 11241100x800000000000000084577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0caf9bad95df9882021-12-17 11:29:15.057root 11241100x800000000000000084578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4601b1b973a5b7992021-12-17 11:29:15.057root 11241100x800000000000000084579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caaa2c591df1fe402021-12-17 11:29:15.057root 11241100x800000000000000084580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1777c87e40656aac2021-12-17 11:29:15.057root 11241100x800000000000000084581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ee079d43fe948cd2021-12-17 11:29:15.057root 11241100x800000000000000084582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85ec792f02cc740a2021-12-17 11:29:15.057root 11241100x800000000000000084583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d84d74826d8a48172021-12-17 11:29:15.057root 11241100x800000000000000084584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3afd3d16b414f3a2021-12-17 11:29:15.057root 11241100x800000000000000084585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b8f8499f3bd554d2021-12-17 11:29:15.057root 11241100x800000000000000084586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ae01586611291622021-12-17 11:29:15.057root 11241100x800000000000000084587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cdcbb9084e4549c2021-12-17 11:29:15.057root 11241100x800000000000000084588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33644c98be9cc6de2021-12-17 11:29:15.057root 11241100x800000000000000084589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8231103a01ce06e2021-12-17 11:29:15.057root 11241100x800000000000000084590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1f2a10e6f15c2ca2021-12-17 11:29:15.057root 11241100x800000000000000084591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c68fe34ce86044a42021-12-17 11:29:15.057root 11241100x800000000000000084592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2206422293e6a2a32021-12-17 11:29:15.058root 11241100x800000000000000084593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8e71162f5aed0202021-12-17 11:29:15.058root 11241100x800000000000000084594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12fdee5dfe91e0302021-12-17 11:29:15.058root 11241100x800000000000000084595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05a87f33108361252021-12-17 11:29:15.058root 11241100x800000000000000084596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc662a7bf7a533de2021-12-17 11:29:15.058root 11241100x800000000000000084597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd3fa4a9b1fd880a2021-12-17 11:29:15.058root 11241100x800000000000000084598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b76697a52b533412021-12-17 11:29:15.058root 11241100x800000000000000084599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cea4bc451e24f2e32021-12-17 11:29:15.058root 11241100x800000000000000084600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.731a58346b6e16592021-12-17 11:29:15.058root 11241100x800000000000000084601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6812ce13f74af0212021-12-17 11:29:15.058root 11241100x800000000000000084602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c485053cd4b7f5832021-12-17 11:29:15.557root 11241100x800000000000000084603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9011dcb079a3bd332021-12-17 11:29:15.557root 11241100x800000000000000084604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67d94096be31c16a2021-12-17 11:29:15.557root 11241100x800000000000000084605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6ee60574aaf3a272021-12-17 11:29:15.557root 11241100x800000000000000084606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df79de1a58e41baf2021-12-17 11:29:15.557root 11241100x800000000000000084607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b110aad92e5ec982021-12-17 11:29:15.557root 11241100x800000000000000084608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac0db09589b72b982021-12-17 11:29:15.558root 11241100x800000000000000084609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0d746f22c7424652021-12-17 11:29:15.558root 11241100x800000000000000084610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d856a28d1eb540df2021-12-17 11:29:15.558root 11241100x800000000000000084611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89ff0bc37dbce1752021-12-17 11:29:15.558root 11241100x800000000000000084612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.979e8af01684494f2021-12-17 11:29:15.558root 11241100x800000000000000084613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e76b4f32d3ab6f82021-12-17 11:29:15.558root 11241100x800000000000000084614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d50ba1946f8902972021-12-17 11:29:15.558root 11241100x800000000000000084615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8699569d7b11fc7e2021-12-17 11:29:15.558root 11241100x800000000000000084616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.003576658baf34742021-12-17 11:29:15.558root 11241100x800000000000000084617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ffe58bdd169f3092021-12-17 11:29:15.558root 11241100x800000000000000084618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5bef8d7574444872021-12-17 11:29:15.558root 11241100x800000000000000084619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.387512bfd1b618382021-12-17 11:29:15.558root 11241100x800000000000000084620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8310c8ea7d1f81112021-12-17 11:29:15.559root 11241100x800000000000000084621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1122d842f5ba39a42021-12-17 11:29:15.559root 11241100x800000000000000084622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f545329bc62cd8c2021-12-17 11:29:15.559root 11241100x800000000000000084623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f6f2a210cb4af512021-12-17 11:29:15.559root 11241100x800000000000000084624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.226e9569a00219032021-12-17 11:29:15.559root 11241100x800000000000000084625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b39248dfab87f8cf2021-12-17 11:29:15.559root 11241100x800000000000000084626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3924612eae6384f02021-12-17 11:29:15.559root 11241100x800000000000000084627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7195fe805b178ac12021-12-17 11:29:15.559root 11241100x800000000000000084628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:15.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.009221a6d4c5e50c2021-12-17 11:29:15.559root 11241100x800000000000000084629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.091afa9b485782b92021-12-17 11:29:16.056root 11241100x800000000000000084630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d084b342b736aa792021-12-17 11:29:16.057root 11241100x800000000000000084631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65885666c63c56532021-12-17 11:29:16.057root 11241100x800000000000000084632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cf783f0e230d7462021-12-17 11:29:16.057root 11241100x800000000000000084633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bf205b729f2f5a42021-12-17 11:29:16.057root 11241100x800000000000000084634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cf397a44ddd55112021-12-17 11:29:16.057root 11241100x800000000000000084635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3acdd8b68adbf42b2021-12-17 11:29:16.057root 11241100x800000000000000084636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.854e652840eeb3ca2021-12-17 11:29:16.057root 11241100x800000000000000084637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0e98a5236f058082021-12-17 11:29:16.057root 11241100x800000000000000084638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.defadf1cbe02efa82021-12-17 11:29:16.057root 11241100x800000000000000084639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12f8e444bdd9ec362021-12-17 11:29:16.057root 11241100x800000000000000084640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bcf7a86ee8d9aa22021-12-17 11:29:16.058root 11241100x800000000000000084641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cd85a6e0ce5f8f82021-12-17 11:29:16.058root 11241100x800000000000000084642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4871a0e4ca5d961d2021-12-17 11:29:16.058root 11241100x800000000000000084643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92a013300fc74c782021-12-17 11:29:16.058root 11241100x800000000000000084644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cae226c784374fb2021-12-17 11:29:16.058root 11241100x800000000000000084645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0854226ff0c0c0e2021-12-17 11:29:16.058root 11241100x800000000000000084646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ce584e59ea3bbb22021-12-17 11:29:16.058root 11241100x800000000000000084647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd859569b068bbbe2021-12-17 11:29:16.058root 11241100x800000000000000084648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb951dadd6e81dd82021-12-17 11:29:16.058root 11241100x800000000000000084649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43c290ca7e728cdf2021-12-17 11:29:16.059root 11241100x800000000000000084650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.780eeb0795162c972021-12-17 11:29:16.059root 11241100x800000000000000084651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbcd5175f6661c5b2021-12-17 11:29:16.059root 11241100x800000000000000084652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83423084eaf225b92021-12-17 11:29:16.059root 11241100x800000000000000084653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.402535391e1522b72021-12-17 11:29:16.059root 11241100x800000000000000084654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e480a4522b7cf232021-12-17 11:29:16.059root 11241100x800000000000000084655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff02116d336160752021-12-17 11:29:16.059root 11241100x800000000000000084656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.581a6696c4d7bcbf2021-12-17 11:29:16.059root 11241100x800000000000000084657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e749e41c6b23e00a2021-12-17 11:29:16.059root 11241100x800000000000000084658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac126ba543672cf92021-12-17 11:29:16.059root 11241100x800000000000000084659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9916288bdea115392021-12-17 11:29:16.060root 11241100x800000000000000084660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c46c74f0cbc07c732021-12-17 11:29:16.060root 11241100x800000000000000084661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e0a6252e0ee09932021-12-17 11:29:16.060root 11241100x800000000000000084662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c37313a11c09d6ce2021-12-17 11:29:16.557root 11241100x800000000000000084663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43524ae0a6610c4f2021-12-17 11:29:16.557root 11241100x800000000000000084664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc4eb0c74f762e412021-12-17 11:29:16.557root 11241100x800000000000000084665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b5adab5783e64162021-12-17 11:29:16.557root 11241100x800000000000000084666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd0c3f15797566372021-12-17 11:29:16.558root 11241100x800000000000000084667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4741024ba4bf75c82021-12-17 11:29:16.558root 11241100x800000000000000084668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0127a78e12c5fe0a2021-12-17 11:29:16.558root 11241100x800000000000000084669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63b0d80022a5f3292021-12-17 11:29:16.558root 11241100x800000000000000084670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13f0041b46fd5cf52021-12-17 11:29:16.558root 11241100x800000000000000084671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a0494c636d7c99a2021-12-17 11:29:16.558root 11241100x800000000000000084672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aca15f4b8ceb36d12021-12-17 11:29:16.558root 11241100x800000000000000084673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75737ce3033a95b42021-12-17 11:29:16.558root 11241100x800000000000000084674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ef68064d690c69a2021-12-17 11:29:16.559root 11241100x800000000000000084675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5343f122144ed2322021-12-17 11:29:16.559root 11241100x800000000000000084676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e1512f401f94b332021-12-17 11:29:16.559root 11241100x800000000000000084677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.983e067f0815896f2021-12-17 11:29:16.559root 11241100x800000000000000084678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2f9eb687677d75a2021-12-17 11:29:16.559root 11241100x800000000000000084679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.717ce25b93097e892021-12-17 11:29:16.559root 11241100x800000000000000084680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c2fb4a87df3a0202021-12-17 11:29:16.559root 11241100x800000000000000084681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.730b90b256e974e42021-12-17 11:29:16.559root 11241100x800000000000000084682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5364b95efeda3e442021-12-17 11:29:16.559root 11241100x800000000000000084683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e21898eb1cf6b212021-12-17 11:29:16.560root 11241100x800000000000000084684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7aff0646367e11422021-12-17 11:29:16.560root 11241100x800000000000000084685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46b8a5723520b4402021-12-17 11:29:16.560root 11241100x800000000000000084686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b630b472a9ac15a2021-12-17 11:29:16.560root 11241100x800000000000000084687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f3d25fa6e619bd62021-12-17 11:29:16.560root 11241100x800000000000000084688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:16.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce339a84704792d62021-12-17 11:29:16.560root 11241100x800000000000000084689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e88387c1a6d503c2021-12-17 11:29:17.056root 11241100x800000000000000084690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90c33cabdf6711762021-12-17 11:29:17.057root 11241100x800000000000000084691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da1a2f273addc2f22021-12-17 11:29:17.057root 11241100x800000000000000084692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9adfbb87d790ab452021-12-17 11:29:17.057root 11241100x800000000000000084693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21e5dd32bca6d4b62021-12-17 11:29:17.057root 11241100x800000000000000084694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f0cfbdf7796ad902021-12-17 11:29:17.057root 11241100x800000000000000084695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b21c54432cde5a922021-12-17 11:29:17.057root 11241100x800000000000000084696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60c183d6fb45f13b2021-12-17 11:29:17.057root 11241100x800000000000000084697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37465694fe851e802021-12-17 11:29:17.058root 11241100x800000000000000084698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0cb0d76ad9e76ee2021-12-17 11:29:17.058root 11241100x800000000000000084699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b7d13fab547a5382021-12-17 11:29:17.058root 11241100x800000000000000084700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8714daef1c80f592021-12-17 11:29:17.058root 11241100x800000000000000084701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7871941386e5e2f42021-12-17 11:29:17.058root 11241100x800000000000000084702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2b76159fb2329582021-12-17 11:29:17.058root 11241100x800000000000000084703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f81e851b70feb3842021-12-17 11:29:17.058root 11241100x800000000000000084704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d54af16f39c59a02021-12-17 11:29:17.058root 11241100x800000000000000084705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a9617648b375d502021-12-17 11:29:17.058root 11241100x800000000000000084706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d0dded7c1cec0d92021-12-17 11:29:17.059root 11241100x800000000000000084707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.445b0fd3321919bc2021-12-17 11:29:17.059root 11241100x800000000000000084708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34758a050c2146d52021-12-17 11:29:17.059root 11241100x800000000000000084709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c18c02bf961a3722021-12-17 11:29:17.059root 11241100x800000000000000084710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.895f8c814ba471852021-12-17 11:29:17.059root 11241100x800000000000000084711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.620c8f84b2ee36b52021-12-17 11:29:17.059root 11241100x800000000000000084712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6203a6a867f12a712021-12-17 11:29:17.059root 11241100x800000000000000084713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9315bd0b072af152021-12-17 11:29:17.059root 11241100x800000000000000084714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bc353240695dcc62021-12-17 11:29:17.059root 11241100x800000000000000084715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81015448e42355c22021-12-17 11:29:17.060root 354300x800000000000000084716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.174{ec28ba6a-70a3-61bc-5175-3a0400000000}5248/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-42988-false10.0.1.12-8000- 11241100x800000000000000084717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.209b27a73c606f072021-12-17 11:29:17.556root 11241100x800000000000000084718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8cf880d85d420b42021-12-17 11:29:17.556root 11241100x800000000000000084719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c1e54f2aa0df4ba2021-12-17 11:29:17.556root 11241100x800000000000000084720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.214d7d4b9d45d9182021-12-17 11:29:17.556root 11241100x800000000000000084721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35cc7588e71570432021-12-17 11:29:17.557root 11241100x800000000000000084722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e5bae1c982f19722021-12-17 11:29:17.557root 11241100x800000000000000084723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f68c0e99db089c092021-12-17 11:29:17.557root 11241100x800000000000000084724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c551797a0b86e8ce2021-12-17 11:29:17.557root 11241100x800000000000000084725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c92c98b79ee9a3b2021-12-17 11:29:17.557root 11241100x800000000000000084726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbe23eb680fd9d432021-12-17 11:29:17.557root 11241100x800000000000000084727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32b7d8f30748c41a2021-12-17 11:29:17.557root 11241100x800000000000000084728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7273c88ce529e0dc2021-12-17 11:29:17.557root 11241100x800000000000000084729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c3300e535fb9dc82021-12-17 11:29:17.557root 11241100x800000000000000084730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5639cef3a5ccff652021-12-17 11:29:17.558root 11241100x800000000000000084731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.033b1db30d6d6d732021-12-17 11:29:17.558root 11241100x800000000000000084732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.718c0ad96cda97aa2021-12-17 11:29:17.558root 11241100x800000000000000084733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f854250bdbe5fc52021-12-17 11:29:17.558root 11241100x800000000000000084734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.813b7643a0d94aba2021-12-17 11:29:17.558root 11241100x800000000000000084735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f03143af24c4d252021-12-17 11:29:17.558root 11241100x800000000000000084736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7acf75a3314ff8aa2021-12-17 11:29:17.558root 11241100x800000000000000084737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58a890ce2cc23cc92021-12-17 11:29:17.558root 11241100x800000000000000084738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6610b462ffebe02e2021-12-17 11:29:17.558root 11241100x800000000000000084739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe0e8eb056845c2a2021-12-17 11:29:17.558root 11241100x800000000000000084740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0445d42e7ec7782d2021-12-17 11:29:17.559root 11241100x800000000000000084741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.775ae7d331360eda2021-12-17 11:29:17.559root 11241100x800000000000000084742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4857b408396791222021-12-17 11:29:17.559root 11241100x800000000000000084743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb62a1e632fc5c902021-12-17 11:29:17.559root 11241100x800000000000000084744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9abd140335444772021-12-17 11:29:17.559root 11241100x800000000000000084745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2e583c3007a73ef2021-12-17 11:29:17.559root 11241100x800000000000000084746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:17.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ca288be5d8be6762021-12-17 11:29:17.559root 11241100x800000000000000084747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21487e2fc804a4552021-12-17 11:29:18.057root 11241100x800000000000000084748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b533a9e9cf58d132021-12-17 11:29:18.057root 11241100x800000000000000084749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f96da6d829da1322021-12-17 11:29:18.057root 11241100x800000000000000084750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e0f4282db45f1ae2021-12-17 11:29:18.057root 11241100x800000000000000084751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6153b8aa141cb1982021-12-17 11:29:18.057root 11241100x800000000000000084752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.097901133ed7dee52021-12-17 11:29:18.058root 11241100x800000000000000084753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.284ead5715f5cd002021-12-17 11:29:18.058root 11241100x800000000000000084754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f7062437fb428e92021-12-17 11:29:18.058root 11241100x800000000000000084755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2222852be368ad42021-12-17 11:29:18.058root 11241100x800000000000000084756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff9961f72a6b207e2021-12-17 11:29:18.058root 11241100x800000000000000084757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51f12251f150ec2d2021-12-17 11:29:18.058root 11241100x800000000000000084758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f588f5cb3f7a03d2021-12-17 11:29:18.058root 11241100x800000000000000084759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58d7f17445b1dc892021-12-17 11:29:18.058root 11241100x800000000000000084760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f2ffdbdbe8993c42021-12-17 11:29:18.058root 11241100x800000000000000084761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38720a77af1b12222021-12-17 11:29:18.058root 11241100x800000000000000084762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71f56b1e60bfa9c02021-12-17 11:29:18.059root 11241100x800000000000000084763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d7f921106942bf2021-12-17 11:29:18.059root 11241100x800000000000000084764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf65dc4aba72dcd22021-12-17 11:29:18.059root 11241100x800000000000000084765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a31361c0a8333b9f2021-12-17 11:29:18.059root 11241100x800000000000000084766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7b4fd7d261458502021-12-17 11:29:18.059root 11241100x800000000000000084767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bebdcdfa70294fa12021-12-17 11:29:18.059root 11241100x800000000000000084768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9125d5b25d8bc85f2021-12-17 11:29:18.059root 11241100x800000000000000084769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb6d4720c19512082021-12-17 11:29:18.059root 11241100x800000000000000084770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.028fbebd130ec21b2021-12-17 11:29:18.059root 11241100x800000000000000084771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afa527c2c787058c2021-12-17 11:29:18.059root 11241100x800000000000000084772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa77c4dcfb3c82fa2021-12-17 11:29:18.059root 11241100x800000000000000084773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34cc7521468ab8462021-12-17 11:29:18.060root 11241100x800000000000000084774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6afec96af4631b392021-12-17 11:29:18.060root 11241100x800000000000000084775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3536c7b42ef5e51e2021-12-17 11:29:18.557root 11241100x800000000000000084776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97783a27a080a6322021-12-17 11:29:18.557root 11241100x800000000000000084777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.406ace26cb93f4fd2021-12-17 11:29:18.557root 11241100x800000000000000084778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.134cbce9c56048af2021-12-17 11:29:18.557root 11241100x800000000000000084779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7aa619142054a6992021-12-17 11:29:18.557root 11241100x800000000000000084780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c8e7b16cc62adc82021-12-17 11:29:18.557root 11241100x800000000000000084781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7380e9aec24a46f52021-12-17 11:29:18.558root 11241100x800000000000000084782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9d0a49a494493a52021-12-17 11:29:18.558root 11241100x800000000000000084783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92a0e0a2ff42a8922021-12-17 11:29:18.558root 11241100x800000000000000084784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6199fbe61f91eee2021-12-17 11:29:18.558root 11241100x800000000000000084785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed627a6c9226ec792021-12-17 11:29:18.558root 11241100x800000000000000084786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c14b6f38080fa7f02021-12-17 11:29:18.558root 11241100x800000000000000084787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.568c1651794511e12021-12-17 11:29:18.558root 11241100x800000000000000084788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7599a6abb87339682021-12-17 11:29:18.558root 11241100x800000000000000084789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7c1c720047e2ea12021-12-17 11:29:18.559root 11241100x800000000000000084790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d738617c8c40f652021-12-17 11:29:18.559root 11241100x800000000000000084791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54b91ae83acf84312021-12-17 11:29:18.559root 11241100x800000000000000084792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46a82fee153b4de82021-12-17 11:29:18.559root 11241100x800000000000000084793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13cef2479d57d6c32021-12-17 11:29:18.559root 11241100x800000000000000084794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.701dc2922931d09d2021-12-17 11:29:18.559root 11241100x800000000000000084795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c39921d1c2e9f4f22021-12-17 11:29:18.559root 11241100x800000000000000084796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bebde1336d2f2d752021-12-17 11:29:18.559root 11241100x800000000000000084797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.037768ca3258756a2021-12-17 11:29:18.559root 11241100x800000000000000084798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf2b54c68b2c95b52021-12-17 11:29:18.559root 11241100x800000000000000084799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0524e9731738e7872021-12-17 11:29:18.560root 11241100x800000000000000084800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2897580d9abd179e2021-12-17 11:29:18.560root 11241100x800000000000000084801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f96225f66eebc2ea2021-12-17 11:29:18.560root 11241100x800000000000000084802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d7134b1bc9c6fae2021-12-17 11:29:18.560root 11241100x800000000000000084803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83c6eba8b5eec1202021-12-17 11:29:18.560root 11241100x800000000000000084804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11814cdc0bc68c992021-12-17 11:29:18.560root 11241100x800000000000000084805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bff3b4f9ba5eef6b2021-12-17 11:29:18.560root 11241100x800000000000000084806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1aa99b25e659cb982021-12-17 11:29:18.560root 11241100x800000000000000084807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.444ead2ce17af4232021-12-17 11:29:18.560root 11241100x800000000000000084808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83f1c6a6910872192021-12-17 11:29:18.560root 11241100x800000000000000084809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abc4a21d0a8459602021-12-17 11:29:18.561root 154100x800000000000000084810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.617{ec28ba6a-748e-61bc-68b4-26aa7a550000}5427/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/4046root{ec28ba6a-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}2255--- 534500x800000000000000084811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:18.628{ec28ba6a-748e-61bc-68b4-26aa7a550000}5427/bin/psroot 11241100x800000000000000084812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cd8fc314a2853d32021-12-17 11:29:19.056root 11241100x800000000000000084813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55e8ec9856bf325c2021-12-17 11:29:19.056root 11241100x800000000000000084814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b768fc73a066f7c92021-12-17 11:29:19.056root 11241100x800000000000000084815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6282e914650f54c52021-12-17 11:29:19.057root 11241100x800000000000000084816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2434cbfa776151732021-12-17 11:29:19.057root 11241100x800000000000000084817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a8d97967ede8e9f2021-12-17 11:29:19.057root 11241100x800000000000000084818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56d1ed67da64a0782021-12-17 11:29:19.057root 11241100x800000000000000084819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b38b919be580654e2021-12-17 11:29:19.057root 11241100x800000000000000084820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1a87eb2c06d94352021-12-17 11:29:19.057root 11241100x800000000000000084821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a337482f997ce4a32021-12-17 11:29:19.057root 11241100x800000000000000084822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49f30a61465c393d2021-12-17 11:29:19.057root 11241100x800000000000000084823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64dd6bfd4f5886ee2021-12-17 11:29:19.057root 11241100x800000000000000084824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b8545cca7a13d2c2021-12-17 11:29:19.058root 11241100x800000000000000084825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e188fd59dbf3aca2021-12-17 11:29:19.058root 11241100x800000000000000084826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d4391c12c2209cb2021-12-17 11:29:19.058root 11241100x800000000000000084827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c80204c34c38f202021-12-17 11:29:19.058root 11241100x800000000000000084828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02220b3be3ae53212021-12-17 11:29:19.058root 11241100x800000000000000084829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da0482c83b9810752021-12-17 11:29:19.058root 11241100x800000000000000084830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6027dd602023660f2021-12-17 11:29:19.058root 11241100x800000000000000084831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42e61a6cf4d95fed2021-12-17 11:29:19.058root 11241100x800000000000000084832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.654199fa084e7f112021-12-17 11:29:19.059root 11241100x800000000000000084833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12741a261e0eab042021-12-17 11:29:19.059root 11241100x800000000000000084834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f09d93cbd37fc902021-12-17 11:29:19.059root 11241100x800000000000000084835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0a81a44dce64b6c2021-12-17 11:29:19.059root 11241100x800000000000000084836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94eeeec79ff5655b2021-12-17 11:29:19.059root 11241100x800000000000000084837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1884f749032f5c542021-12-17 11:29:19.059root 11241100x800000000000000084838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2beb36406af9ac662021-12-17 11:29:19.059root 11241100x800000000000000084839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe9e2e754015effa2021-12-17 11:29:19.059root 11241100x800000000000000084840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29102eeebadd0df42021-12-17 11:29:19.059root 11241100x800000000000000084841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f715253a94652ca2021-12-17 11:29:19.059root 11241100x800000000000000084842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e95409af1295e2362021-12-17 11:29:19.060root 11241100x800000000000000084843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32280a18d0ead0472021-12-17 11:29:19.060root 11241100x800000000000000084844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a35706396c8bdc82021-12-17 11:29:19.060root 11241100x800000000000000084845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.052fb6d90f0c10352021-12-17 11:29:19.060root 11241100x800000000000000084846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecf3e554e6a7dd542021-12-17 11:29:19.060root 11241100x800000000000000084847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.607907f4c50777532021-12-17 11:29:19.060root 11241100x800000000000000084848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5c79c0fe56440ff2021-12-17 11:29:19.060root 11241100x800000000000000084849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7796a300cb038a5c2021-12-17 11:29:19.060root 11241100x800000000000000084850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6092f1a4244078e2021-12-17 11:29:19.060root 11241100x800000000000000084851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d924b563c4681f02021-12-17 11:29:19.557root 11241100x800000000000000084852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c710e4aa509f3042021-12-17 11:29:19.557root 11241100x800000000000000084853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3148238a3f87d5372021-12-17 11:29:19.557root 11241100x800000000000000084854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8aa0e417b2af48952021-12-17 11:29:19.557root 11241100x800000000000000084855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f0cbd92fe7275cf2021-12-17 11:29:19.557root 11241100x800000000000000084856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ed7f5d64eed089b2021-12-17 11:29:19.557root 11241100x800000000000000084857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.583b9555804b5d712021-12-17 11:29:19.558root 11241100x800000000000000084858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5474e444016ea8132021-12-17 11:29:19.558root 11241100x800000000000000084859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28c316a3ae4e46622021-12-17 11:29:19.558root 11241100x800000000000000084860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c02c00f60570c6a52021-12-17 11:29:19.558root 11241100x800000000000000084861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af43344c063c4c872021-12-17 11:29:19.558root 11241100x800000000000000084862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48a94f27b949f1502021-12-17 11:29:19.558root 11241100x800000000000000084863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.748b318b43aba4222021-12-17 11:29:19.558root 11241100x800000000000000084864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d64510631d4797b2021-12-17 11:29:19.558root 11241100x800000000000000084865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8592fbddbe2b5e9c2021-12-17 11:29:19.559root 11241100x800000000000000084866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d91bd934f7a47942021-12-17 11:29:19.559root 11241100x800000000000000084867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.765c253ec23425072021-12-17 11:29:19.559root 11241100x800000000000000084868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88ca5bfd05f62c612021-12-17 11:29:19.559root 11241100x800000000000000084869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.405d4a71ae30c7432021-12-17 11:29:19.559root 11241100x800000000000000084870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7825d535873e4e7f2021-12-17 11:29:19.559root 11241100x800000000000000084871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d6fb4a83ff651932021-12-17 11:29:19.559root 11241100x800000000000000084872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eab34b6cbd4bb67b2021-12-17 11:29:19.559root 11241100x800000000000000084873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d69dacdc5bfaaa732021-12-17 11:29:19.559root 11241100x800000000000000084874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b243d85adfa7bd92021-12-17 11:29:19.559root 11241100x800000000000000084875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.165dc3b4dfdfe7a22021-12-17 11:29:19.560root 11241100x800000000000000084876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74a5d7723dee05582021-12-17 11:29:19.560root 11241100x800000000000000084877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d62dcc8876fd2f02021-12-17 11:29:19.560root 11241100x800000000000000084878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22d43b73056173272021-12-17 11:29:19.560root 11241100x800000000000000084879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ecebc1be213aed32021-12-17 11:29:19.560root 11241100x800000000000000084880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:19.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.121c33badf4140512021-12-17 11:29:19.560root 11241100x800000000000000084881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.259a8fcfa93f742c2021-12-17 11:29:20.057root 11241100x800000000000000084882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f418dfc689a39c262021-12-17 11:29:20.057root 11241100x800000000000000084883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5fe043cfaa275512021-12-17 11:29:20.057root 11241100x800000000000000084884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f61555b8f300c042021-12-17 11:29:20.058root 11241100x800000000000000084885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed3ad9cfe05ea8642021-12-17 11:29:20.058root 11241100x800000000000000084886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2478f22ef4fed3302021-12-17 11:29:20.058root 11241100x800000000000000084887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfadcb861ebc11582021-12-17 11:29:20.058root 11241100x800000000000000084888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d91efcfa430072c12021-12-17 11:29:20.058root 11241100x800000000000000084889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed1390aac5d5a8c72021-12-17 11:29:20.058root 11241100x800000000000000084890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b3c824e177745ee2021-12-17 11:29:20.058root 11241100x800000000000000084891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2654ccd9485c32c2021-12-17 11:29:20.058root 11241100x800000000000000084892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc63a90de7be16ea2021-12-17 11:29:20.058root 11241100x800000000000000084893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7d7a94700b904a22021-12-17 11:29:20.059root 11241100x800000000000000084894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a266db281b762e202021-12-17 11:29:20.059root 11241100x800000000000000084895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bad4eca0aa563ee12021-12-17 11:29:20.059root 11241100x800000000000000084896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31b09bbb7573bb4f2021-12-17 11:29:20.059root 11241100x800000000000000084897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61e215601c8326d62021-12-17 11:29:20.059root 11241100x800000000000000084898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8b6c4f34c9fbe0d2021-12-17 11:29:20.059root 11241100x800000000000000084899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6a07c3b4a285f162021-12-17 11:29:20.059root 11241100x800000000000000084900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bb8ef3917865bca2021-12-17 11:29:20.059root 11241100x800000000000000084901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a30d2299403bef4c2021-12-17 11:29:20.059root 11241100x800000000000000084902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5f2ee4daa7c2de52021-12-17 11:29:20.059root 11241100x800000000000000084903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f4bbfd2a428c6852021-12-17 11:29:20.059root 11241100x800000000000000084904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ebeaa6f1edc731d2021-12-17 11:29:20.060root 11241100x800000000000000084905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.325d5d228cb770cd2021-12-17 11:29:20.060root 11241100x800000000000000084906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65487cb4b1e218cc2021-12-17 11:29:20.060root 11241100x800000000000000084907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e02776dbc754aa92021-12-17 11:29:20.060root 11241100x800000000000000084908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a8b575c265bc6fe2021-12-17 11:29:20.060root 11241100x800000000000000084909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52a57439f9cb80c82021-12-17 11:29:20.060root 11241100x800000000000000084910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de043f1c58aa9ca52021-12-17 11:29:20.060root 11241100x800000000000000084911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ab277c82969e8802021-12-17 11:29:20.557root 11241100x800000000000000084912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6c3725ac3f174f42021-12-17 11:29:20.557root 11241100x800000000000000084913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d61e71d1ea602d522021-12-17 11:29:20.557root 11241100x800000000000000084914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8dd8708e36143a62021-12-17 11:29:20.558root 11241100x800000000000000084915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfd3a5572747cd542021-12-17 11:29:20.558root 11241100x800000000000000084916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc8dbe46f870b0612021-12-17 11:29:20.558root 11241100x800000000000000084917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d101577baa2d090f2021-12-17 11:29:20.558root 11241100x800000000000000084918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.574b195072e28a622021-12-17 11:29:20.558root 11241100x800000000000000084919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.731f53979469b8e32021-12-17 11:29:20.559root 11241100x800000000000000084920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06ca3542164f5ef02021-12-17 11:29:20.559root 11241100x800000000000000084921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c646d24bb46b32092021-12-17 11:29:20.559root 11241100x800000000000000084922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcaba7869e9252392021-12-17 11:29:20.559root 11241100x800000000000000084923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7399754ad76e3d62021-12-17 11:29:20.559root 11241100x800000000000000084924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9acee5e7827cc88e2021-12-17 11:29:20.559root 11241100x800000000000000084925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6edb5dd0e3f9057e2021-12-17 11:29:20.559root 11241100x800000000000000084926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0168a14585c4ab6a2021-12-17 11:29:20.560root 11241100x800000000000000084927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18714869e9ac1ee62021-12-17 11:29:20.560root 11241100x800000000000000084928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55ce88c2608a1af02021-12-17 11:29:20.561root 11241100x800000000000000084929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.059ecfb6799354f02021-12-17 11:29:20.561root 11241100x800000000000000084930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eb6fcd0de481dae2021-12-17 11:29:20.561root 11241100x800000000000000084931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19d45dcf55266a5e2021-12-17 11:29:20.561root 11241100x800000000000000084932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ee8573312e13e802021-12-17 11:29:20.561root 11241100x800000000000000084933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2640472da702b7a72021-12-17 11:29:20.561root 11241100x800000000000000084934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c3b4ad06ebbc42d2021-12-17 11:29:20.562root 11241100x800000000000000084935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.087eb656483a1c1e2021-12-17 11:29:20.562root 11241100x800000000000000084936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2d4200965b059152021-12-17 11:29:20.562root 11241100x800000000000000084937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c6cf92ed70df18a2021-12-17 11:29:20.562root 11241100x800000000000000084938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05074984bef6770f2021-12-17 11:29:20.562root 11241100x800000000000000084939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01da84ca971fc8812021-12-17 11:29:20.562root 11241100x800000000000000084940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:20.563{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73ddb05b332764132021-12-17 11:29:20.563root 11241100x800000000000000084941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b25c0dd96a91a372021-12-17 11:29:21.057root 11241100x800000000000000084942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e53276919a2385122021-12-17 11:29:21.057root 11241100x800000000000000084943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95864c5760f2dd642021-12-17 11:29:21.057root 11241100x800000000000000084944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76bed8ae8f65284f2021-12-17 11:29:21.057root 11241100x800000000000000084945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74ea0f1d9bbd608f2021-12-17 11:29:21.058root 11241100x800000000000000084946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.143b2be3691d0e562021-12-17 11:29:21.058root 11241100x800000000000000084947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81e583edfd98552c2021-12-17 11:29:21.058root 11241100x800000000000000084948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.116d68070a8e014f2021-12-17 11:29:21.058root 11241100x800000000000000084949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87756e83c1cc747f2021-12-17 11:29:21.058root 11241100x800000000000000084950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f9a3b42662b35cc2021-12-17 11:29:21.058root 11241100x800000000000000084951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a331e283cb186012021-12-17 11:29:21.059root 11241100x800000000000000084952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa8f10cc61d04e7e2021-12-17 11:29:21.059root 11241100x800000000000000084953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aea7571483703ec32021-12-17 11:29:21.059root 11241100x800000000000000084954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f055ce8730c809ab2021-12-17 11:29:21.059root 11241100x800000000000000084955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e42ee66c2a72b8072021-12-17 11:29:21.059root 11241100x800000000000000084956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.065410b66d1cee772021-12-17 11:29:21.060root 11241100x800000000000000084957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccd820ba59e4e4942021-12-17 11:29:21.060root 11241100x800000000000000084958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88fdf577e44207ce2021-12-17 11:29:21.060root 11241100x800000000000000084959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8629e6840a65f902021-12-17 11:29:21.060root 11241100x800000000000000084960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0741f60d70219e1a2021-12-17 11:29:21.060root 11241100x800000000000000084961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.304eb7e64f1eabf82021-12-17 11:29:21.061root 11241100x800000000000000084962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bc130c29b1736b82021-12-17 11:29:21.061root 11241100x800000000000000084963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a06c48dbbc32023a2021-12-17 11:29:21.061root 11241100x800000000000000084964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6394e537a5f702a52021-12-17 11:29:21.061root 11241100x800000000000000084965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f09a0c28cf8f0fd2021-12-17 11:29:21.061root 11241100x800000000000000084966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9851a0dffc7354b92021-12-17 11:29:21.062root 11241100x800000000000000084967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3fafd4b425340ba2021-12-17 11:29:21.062root 11241100x800000000000000084968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c493f74cce03f572021-12-17 11:29:21.063root 11241100x800000000000000084969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16252547002af2de2021-12-17 11:29:21.063root 11241100x800000000000000084970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3760085e5775f5ca2021-12-17 11:29:21.063root 11241100x800000000000000084971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5427e4a2ac7418e12021-12-17 11:29:21.063root 11241100x800000000000000084972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4af48acff5bbf9482021-12-17 11:29:21.064root 11241100x800000000000000084973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdce947f2461a6ec2021-12-17 11:29:21.064root 11241100x800000000000000084974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f46519446537134b2021-12-17 11:29:21.064root 11241100x800000000000000084975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6085b48f514f1db72021-12-17 11:29:21.557root 11241100x800000000000000084976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59e9671648c2c4112021-12-17 11:29:21.557root 11241100x800000000000000084977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68012fe46af421422021-12-17 11:29:21.558root 11241100x800000000000000084978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f544ba3a194f6422021-12-17 11:29:21.558root 11241100x800000000000000084979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.406e6214346107982021-12-17 11:29:21.558root 11241100x800000000000000084980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9a6f254d42761042021-12-17 11:29:21.558root 11241100x800000000000000084981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.045153962070e0d02021-12-17 11:29:21.558root 11241100x800000000000000084982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b75c699909ce6042021-12-17 11:29:21.558root 11241100x800000000000000084983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e5a40e2e5289dfb2021-12-17 11:29:21.559root 11241100x800000000000000084984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be0fdddb3603cdaf2021-12-17 11:29:21.559root 11241100x800000000000000084985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92f97b31dbc864972021-12-17 11:29:21.559root 11241100x800000000000000084986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b10caf0c459f3d0e2021-12-17 11:29:21.559root 11241100x800000000000000084987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fffe3ea423801c772021-12-17 11:29:21.559root 11241100x800000000000000084988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f938adc07c160f82021-12-17 11:29:21.559root 11241100x800000000000000084989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4982e766b87423432021-12-17 11:29:21.559root 11241100x800000000000000084990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf494e64d05e44142021-12-17 11:29:21.560root 11241100x800000000000000084991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17f385436d8cb9bf2021-12-17 11:29:21.560root 11241100x800000000000000084992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b07ca0adcad647d02021-12-17 11:29:21.560root 11241100x800000000000000084993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a10383346cdb5a7c2021-12-17 11:29:21.560root 11241100x800000000000000084994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e239c71e7d6b5b7d2021-12-17 11:29:21.560root 11241100x800000000000000084995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae7b67c90b298b132021-12-17 11:29:21.560root 11241100x800000000000000084996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48695813ab3029ed2021-12-17 11:29:21.560root 11241100x800000000000000084997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69455a23464822832021-12-17 11:29:21.561root 11241100x800000000000000084998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30534878921d5e772021-12-17 11:29:21.561root 11241100x800000000000000084999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5401caf0964a7ce2021-12-17 11:29:21.561root 11241100x800000000000000085000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f1cd6afa5b064e22021-12-17 11:29:21.561root 11241100x800000000000000085001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bed2e4248deba042021-12-17 11:29:21.561root 11241100x800000000000000085002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dc618a73f6b01552021-12-17 11:29:21.561root 11241100x800000000000000085003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28fdb07fe3188b022021-12-17 11:29:21.562root 11241100x800000000000000085004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:21.562{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61c049875562355e2021-12-17 11:29:21.562root 11241100x800000000000000085005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e0d410302fee3bd2021-12-17 11:29:22.057root 11241100x800000000000000085006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a6c674c702c5c922021-12-17 11:29:22.057root 11241100x800000000000000085007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f126ebe00d0390232021-12-17 11:29:22.058root 11241100x800000000000000085008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd86a83c0766fbb12021-12-17 11:29:22.058root 11241100x800000000000000085009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8f7550c5ee3be2d2021-12-17 11:29:22.058root 11241100x800000000000000085010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dae24c481fe4c3e2021-12-17 11:29:22.058root 11241100x800000000000000085011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8772c1ac202e62bd2021-12-17 11:29:22.058root 11241100x800000000000000085012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4ab8af1d963e6102021-12-17 11:29:22.058root 11241100x800000000000000085013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d85901ef8ce87152021-12-17 11:29:22.059root 11241100x800000000000000085014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e102a842605565032021-12-17 11:29:22.059root 11241100x800000000000000085015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee6480c557c3a6062021-12-17 11:29:22.059root 11241100x800000000000000085016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d409823ea68173e42021-12-17 11:29:22.059root 11241100x800000000000000085017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6715a8b12e4c6542021-12-17 11:29:22.059root 11241100x800000000000000085018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ed80e55637b0f4a2021-12-17 11:29:22.059root 11241100x800000000000000085019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7165526e59a14ea12021-12-17 11:29:22.060root 11241100x800000000000000085020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebef37d542ef84302021-12-17 11:29:22.060root 11241100x800000000000000085021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.013961a6dc1ca95f2021-12-17 11:29:22.060root 11241100x800000000000000085022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e28c1f997f6942172021-12-17 11:29:22.060root 11241100x800000000000000085023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c7e4806909533992021-12-17 11:29:22.060root 11241100x800000000000000085024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c13ba0cd1a6ca972021-12-17 11:29:22.060root 11241100x800000000000000085025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b61b251e6f9f50922021-12-17 11:29:22.060root 11241100x800000000000000085026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a45894c3cf4837802021-12-17 11:29:22.060root 11241100x800000000000000085027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4531337c85e224cb2021-12-17 11:29:22.060root 11241100x800000000000000085028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f1e08b5360099092021-12-17 11:29:22.060root 11241100x800000000000000085029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51415a1798cf79ff2021-12-17 11:29:22.060root 11241100x800000000000000085030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eeacce86c279d5b22021-12-17 11:29:22.060root 11241100x800000000000000085031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.865f60e404cd72522021-12-17 11:29:22.060root 11241100x800000000000000085032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07dd7049c06f7df62021-12-17 11:29:22.060root 11241100x800000000000000085033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b42f116150b79eef2021-12-17 11:29:22.060root 11241100x800000000000000085034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8272451a376181a82021-12-17 11:29:22.061root 354300x800000000000000085035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.228{ec28ba6a-70a3-61bc-5175-3a0400000000}5248/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-42990-false10.0.1.12-8000- 11241100x800000000000000085036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5033b1bc23c452d2021-12-17 11:29:22.556root 11241100x800000000000000085037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4e5e6929a283a2d2021-12-17 11:29:22.556root 11241100x800000000000000085038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf76a65f06bc926b2021-12-17 11:29:22.557root 11241100x800000000000000085039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f923b96086799752021-12-17 11:29:22.557root 11241100x800000000000000085040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcdcb1fd798ded052021-12-17 11:29:22.557root 11241100x800000000000000085041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3abf941c3bfb546a2021-12-17 11:29:22.557root 11241100x800000000000000085042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.837b61cca626e48b2021-12-17 11:29:22.557root 11241100x800000000000000085043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62c6749fe28a0e3a2021-12-17 11:29:22.557root 11241100x800000000000000085044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3e7eed7c3acdf482021-12-17 11:29:22.557root 11241100x800000000000000085045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6f1cb65dc78abba2021-12-17 11:29:22.557root 11241100x800000000000000085046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfc7e210c5c057662021-12-17 11:29:22.557root 11241100x800000000000000085047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.880bfa83b78cf3fb2021-12-17 11:29:22.557root 11241100x800000000000000085048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a087f162c54914f2021-12-17 11:29:22.557root 11241100x800000000000000085049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.246906aa038f93752021-12-17 11:29:22.557root 11241100x800000000000000085050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c369936c1a6ccc82021-12-17 11:29:22.557root 11241100x800000000000000085051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8798bc78f2e08a402021-12-17 11:29:22.557root 11241100x800000000000000085052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e095d799a402bd782021-12-17 11:29:22.557root 11241100x800000000000000085053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.488d324d0a6d62fd2021-12-17 11:29:22.557root 11241100x800000000000000085054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b6717c52e5757112021-12-17 11:29:22.558root 11241100x800000000000000085055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0aaef01bca63c4872021-12-17 11:29:22.558root 11241100x800000000000000085056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4f15fdba78c57c92021-12-17 11:29:22.558root 11241100x800000000000000085057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.930c361b8a049f8e2021-12-17 11:29:22.558root 11241100x800000000000000085058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5d15014b40a94b72021-12-17 11:29:22.558root 11241100x800000000000000085059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73bc7b1825f8311f2021-12-17 11:29:22.558root 11241100x800000000000000085060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5770cbcc7b96090b2021-12-17 11:29:22.558root 11241100x800000000000000085061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aed9d32c560f8702021-12-17 11:29:22.558root 11241100x800000000000000085062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c8dcf6c6393571e2021-12-17 11:29:22.558root 11241100x800000000000000085063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e18a33c114438c62021-12-17 11:29:22.558root 11241100x800000000000000085064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be29523c2a126a722021-12-17 11:29:22.558root 11241100x800000000000000085065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a60f730f5f2a2f72021-12-17 11:29:22.558root 11241100x800000000000000085066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c6fcdbafef492d72021-12-17 11:29:22.558root 11241100x800000000000000085067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.765611603f7f35372021-12-17 11:29:22.558root 11241100x800000000000000085068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c818c0e966c6c2122021-12-17 11:29:22.559root 11241100x800000000000000085069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ac8a89e1b3b93a52021-12-17 11:29:22.559root 11241100x800000000000000085070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae36e862f370a26d2021-12-17 11:29:22.559root 11241100x800000000000000085071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb7f40ca457441022021-12-17 11:29:22.559root 11241100x800000000000000085072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58561efd6d35406e2021-12-17 11:29:22.559root 11241100x800000000000000085073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eed06cef23536d272021-12-17 11:29:22.559root 11241100x800000000000000085074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:22.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.988863e550282f232021-12-17 11:29:22.559root 11241100x800000000000000085075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc94814e430f6f412021-12-17 11:29:23.056root 11241100x800000000000000085076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bedf7cb93ab51392021-12-17 11:29:23.057root 11241100x800000000000000085077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c34960f14d252b6a2021-12-17 11:29:23.057root 11241100x800000000000000085078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d10dfb95bb3c5522021-12-17 11:29:23.057root 11241100x800000000000000085079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8402d4060ef1942e2021-12-17 11:29:23.057root 11241100x800000000000000085080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40ad4c6c6226cd622021-12-17 11:29:23.057root 11241100x800000000000000085081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.071c8691f4fc232e2021-12-17 11:29:23.057root 11241100x800000000000000085082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2d6552ce37a5cc22021-12-17 11:29:23.058root 11241100x800000000000000085083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a610c4f45360c6e2021-12-17 11:29:23.058root 11241100x800000000000000085084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a58bc48fabef84ab2021-12-17 11:29:23.058root 11241100x800000000000000085085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8a303f26f3fb9fe2021-12-17 11:29:23.058root 11241100x800000000000000085086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1bfb82fcd0f92292021-12-17 11:29:23.058root 11241100x800000000000000085087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d45fb3643c4ec9f2021-12-17 11:29:23.059root 11241100x800000000000000085088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb18f69848955aac2021-12-17 11:29:23.059root 11241100x800000000000000085089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16a24e17319866c12021-12-17 11:29:23.059root 11241100x800000000000000085090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1d6c77f1da6f1fa2021-12-17 11:29:23.059root 11241100x800000000000000085091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cda4f6bbc35bbbbe2021-12-17 11:29:23.059root 11241100x800000000000000085092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.492da9fa7a85f55c2021-12-17 11:29:23.060root 11241100x800000000000000085093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88b6f1763f50cc472021-12-17 11:29:23.060root 11241100x800000000000000085094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41b5d732379b176c2021-12-17 11:29:23.060root 11241100x800000000000000085095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3a6cfd7fb7002012021-12-17 11:29:23.060root 11241100x800000000000000085096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac63cf4d40bb30332021-12-17 11:29:23.060root 11241100x800000000000000085097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.646a7e2c96db33732021-12-17 11:29:23.060root 11241100x800000000000000085098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1727db668f4f55a22021-12-17 11:29:23.061root 11241100x800000000000000085099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ead505eb90f5edf42021-12-17 11:29:23.061root 11241100x800000000000000085100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d42d569b6fe218ba2021-12-17 11:29:23.062root 11241100x800000000000000085101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92a3026cf6eb27632021-12-17 11:29:23.062root 11241100x800000000000000085102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5a07e2459b3a9792021-12-17 11:29:23.062root 11241100x800000000000000085103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.035c5a153196ad582021-12-17 11:29:23.062root 11241100x800000000000000085104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8aa8a325c973672a2021-12-17 11:29:23.062root 11241100x800000000000000085105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a88f6c6bccde3f92021-12-17 11:29:23.062root 11241100x800000000000000085106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e90db7036fa8eb32021-12-17 11:29:23.063root 11241100x800000000000000085107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eefba113343c88852021-12-17 11:29:23.063root 11241100x800000000000000085108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a70a391894c53142021-12-17 11:29:23.063root 11241100x800000000000000085109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6436810f310ed9242021-12-17 11:29:23.063root 11241100x800000000000000085110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.078d7d27bb8fd9bc2021-12-17 11:29:23.063root 11241100x800000000000000085111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e3cebea1e78f8d32021-12-17 11:29:23.063root 11241100x800000000000000085112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.533f6d893ccddf462021-12-17 11:29:23.063root 11241100x800000000000000085113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.984f8b789d2c4b5b2021-12-17 11:29:23.063root 11241100x800000000000000085114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f39c9091346031b2021-12-17 11:29:23.064root 11241100x800000000000000085115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc93d9eacd2b9eb92021-12-17 11:29:23.064root 11241100x800000000000000085116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c00dd1a93855ebb82021-12-17 11:29:23.556root 11241100x800000000000000085117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ef40223e99f824f2021-12-17 11:29:23.557root 11241100x800000000000000085118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.859b957fbc22d9ed2021-12-17 11:29:23.557root 11241100x800000000000000085119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6aa5a64407a450d92021-12-17 11:29:23.557root 11241100x800000000000000085120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68a9d667b9ed84272021-12-17 11:29:23.557root 11241100x800000000000000085121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddb91889760b65b32021-12-17 11:29:23.557root 11241100x800000000000000085122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21fe7347756a7ce52021-12-17 11:29:23.557root 11241100x800000000000000085123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c0933996b317d9f2021-12-17 11:29:23.557root 11241100x800000000000000085124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8e11e3ee3db9a602021-12-17 11:29:23.557root 11241100x800000000000000085125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e19313d1f347e08c2021-12-17 11:29:23.558root 11241100x800000000000000085126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d25ecbdd58780952021-12-17 11:29:23.558root 11241100x800000000000000085127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d9c3b2808dbcaee2021-12-17 11:29:23.558root 11241100x800000000000000085128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b04f7d51eb618922021-12-17 11:29:23.558root 11241100x800000000000000085129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01c634c86ffa38ca2021-12-17 11:29:23.558root 11241100x800000000000000085130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b0269c93f869ddc2021-12-17 11:29:23.558root 11241100x800000000000000085131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e14fcd1fc0a7aa2d2021-12-17 11:29:23.558root 11241100x800000000000000085132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff081736f3f253fe2021-12-17 11:29:23.558root 11241100x800000000000000085133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e097caee7034f05d2021-12-17 11:29:23.558root 11241100x800000000000000085134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75e76178ee7b0dfd2021-12-17 11:29:23.559root 11241100x800000000000000085135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bc26da8c3dabd582021-12-17 11:29:23.559root 11241100x800000000000000085136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6ada6b236027bbc2021-12-17 11:29:23.559root 11241100x800000000000000085137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a68b8dadc22a7672021-12-17 11:29:23.559root 11241100x800000000000000085138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e5572d1fb51724c2021-12-17 11:29:23.559root 11241100x800000000000000085139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52a8566ed98bc8402021-12-17 11:29:23.559root 11241100x800000000000000085140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dca7b4d961c287e72021-12-17 11:29:23.559root 11241100x800000000000000085141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77632f16bbf0c1a42021-12-17 11:29:23.559root 11241100x800000000000000085142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4847d6dafbef7832021-12-17 11:29:23.559root 11241100x800000000000000085143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f63f607185f9e9872021-12-17 11:29:23.560root 11241100x800000000000000085144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e14fd55e01ef9afd2021-12-17 11:29:23.560root 11241100x800000000000000085145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.551a293181d4c91f2021-12-17 11:29:23.560root 11241100x800000000000000085146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e085fb2ae4f1008b2021-12-17 11:29:23.560root 11241100x800000000000000085147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae7d51a0b91287bf2021-12-17 11:29:23.560root 11241100x800000000000000085148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31e841d6a5cf3e102021-12-17 11:29:23.560root 11241100x800000000000000085149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:23.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24a387ca45fbcc612021-12-17 11:29:23.560root 11241100x800000000000000085150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dd48ce57ead7e0a2021-12-17 11:29:24.057root 11241100x800000000000000085151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecce278e23bdf30d2021-12-17 11:29:24.057root 11241100x800000000000000085152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e5b62695780eb1b2021-12-17 11:29:24.057root 11241100x800000000000000085153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f34ac5fb03ad5152021-12-17 11:29:24.058root 11241100x800000000000000085154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2de69889909c66c2021-12-17 11:29:24.058root 11241100x800000000000000085155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b1861331a7096f42021-12-17 11:29:24.058root 11241100x800000000000000085156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dfa5504c6a7b7382021-12-17 11:29:24.058root 11241100x800000000000000085157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80309a65ce1b00632021-12-17 11:29:24.058root 11241100x800000000000000085158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f28cf6d7817d96612021-12-17 11:29:24.058root 11241100x800000000000000085159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d7232c1774582862021-12-17 11:29:24.058root 11241100x800000000000000085160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e8ce3328d4c888d2021-12-17 11:29:24.058root 11241100x800000000000000085161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.422f97ba09c4c4c12021-12-17 11:29:24.058root 11241100x800000000000000085162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03803465135d3e282021-12-17 11:29:24.059root 11241100x800000000000000085163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a04077e55d89d6a2021-12-17 11:29:24.059root 11241100x800000000000000085164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9480bb2eabb1e2f2021-12-17 11:29:24.059root 11241100x800000000000000085165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d6dcfc254035e552021-12-17 11:29:24.059root 11241100x800000000000000085166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fde0b1f4554f0b8f2021-12-17 11:29:24.059root 11241100x800000000000000085167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb73331dafb2a14d2021-12-17 11:29:24.059root 11241100x800000000000000085168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc357673f0cbc4de2021-12-17 11:29:24.059root 11241100x800000000000000085169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49c2febc8f5d94b92021-12-17 11:29:24.059root 11241100x800000000000000085170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48899603e22b4a372021-12-17 11:29:24.059root 11241100x800000000000000085171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8e82f8c414ea8b52021-12-17 11:29:24.059root 11241100x800000000000000085172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48f30cc47ec669f62021-12-17 11:29:24.060root 11241100x800000000000000085173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bef31a5d9521b19a2021-12-17 11:29:24.060root 11241100x800000000000000085174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d2ce60304bec91e2021-12-17 11:29:24.060root 11241100x800000000000000085175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f01a305bc9ac81c92021-12-17 11:29:24.060root 11241100x800000000000000085176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fecb7f3f4f6e76c2021-12-17 11:29:24.060root 11241100x800000000000000085177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c82b8d12e53abad62021-12-17 11:29:24.060root 11241100x800000000000000085178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcf1941154d4f0aa2021-12-17 11:29:24.060root 11241100x800000000000000085179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f4cb19570c028682021-12-17 11:29:24.060root 11241100x800000000000000085180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a68176fda7f885be2021-12-17 11:29:24.060root 11241100x800000000000000085181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5034fb90bf57c3912021-12-17 11:29:24.061root 11241100x800000000000000085182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca755dc348cf80582021-12-17 11:29:24.061root 11241100x800000000000000085183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99e34838c8f491e42021-12-17 11:29:24.061root 11241100x800000000000000085184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7c6f84d0cccbb1b2021-12-17 11:29:24.061root 11241100x800000000000000085185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cceebd7f5501ccbd2021-12-17 11:29:24.061root 11241100x800000000000000085186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b7f445f2a4d4af42021-12-17 11:29:24.556root 11241100x800000000000000085187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78ff82a24feb24b92021-12-17 11:29:24.556root 11241100x800000000000000085188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1ff710c296c23322021-12-17 11:29:24.556root 11241100x800000000000000085189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f2db5f97af12c272021-12-17 11:29:24.557root 11241100x800000000000000085190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99a30858fa0dd6cf2021-12-17 11:29:24.557root 11241100x800000000000000085191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dc1497cbf57b7ee2021-12-17 11:29:24.557root 11241100x800000000000000085192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee8ce2a056ad636d2021-12-17 11:29:24.557root 11241100x800000000000000085193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4d18a55bca972022021-12-17 11:29:24.557root 11241100x800000000000000085194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdad1e4d6674beda2021-12-17 11:29:24.557root 11241100x800000000000000085195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbc1caffaa37ad992021-12-17 11:29:24.558root 11241100x800000000000000085196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4034aafc39009e442021-12-17 11:29:24.558root 11241100x800000000000000085197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7711334d7377b7912021-12-17 11:29:24.558root 11241100x800000000000000085198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec55c5dad762cd092021-12-17 11:29:24.558root 11241100x800000000000000085199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.681c0bd832470c2f2021-12-17 11:29:24.558root 11241100x800000000000000085200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48c6b6173d1bdcd52021-12-17 11:29:24.558root 11241100x800000000000000085201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ae361a3b0d92da82021-12-17 11:29:24.558root 11241100x800000000000000085202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae13688d9a15772a2021-12-17 11:29:24.559root 11241100x800000000000000085203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93f4333baee8f2012021-12-17 11:29:24.559root 11241100x800000000000000085204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e930c9587a4627c22021-12-17 11:29:24.559root 11241100x800000000000000085205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.659faf7b4aac9aaa2021-12-17 11:29:24.559root 11241100x800000000000000085206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47b74278b517f0192021-12-17 11:29:24.559root 11241100x800000000000000085207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1b40cab712d9b312021-12-17 11:29:24.559root 11241100x800000000000000085208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.434380b21b7616bb2021-12-17 11:29:24.559root 11241100x800000000000000085209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba33515b7169e5542021-12-17 11:29:24.559root 11241100x800000000000000085210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b9f35d90bebb2e22021-12-17 11:29:24.559root 11241100x800000000000000085211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26eb89cc4650952d2021-12-17 11:29:24.560root 11241100x800000000000000085212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62131ed38376f28b2021-12-17 11:29:24.560root 11241100x800000000000000085213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.027c97e3296284252021-12-17 11:29:24.560root 11241100x800000000000000085214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa55d7e0aeedf3762021-12-17 11:29:24.560root 11241100x800000000000000085215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bbda15fdea22a0d2021-12-17 11:29:24.560root 11241100x800000000000000085216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41cff05bc8ac25c32021-12-17 11:29:24.560root 11241100x800000000000000085217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20a8a80582cafacb2021-12-17 11:29:24.560root 11241100x800000000000000085218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26c1ae2391bc1fcf2021-12-17 11:29:24.560root 11241100x800000000000000085219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f89c6b220b484c52021-12-17 11:29:24.560root 11241100x800000000000000085220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78e9fb3b1deec9312021-12-17 11:29:24.560root 11241100x800000000000000085221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bc7877ca8bc2c892021-12-17 11:29:24.561root 11241100x800000000000000085222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ee4d05ad0f7b94e2021-12-17 11:29:24.561root 11241100x800000000000000085223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:24.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e306d64fd796721e2021-12-17 11:29:24.561root 11241100x800000000000000085224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd5d4d9998dfc7152021-12-17 11:29:25.057root 11241100x800000000000000085225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c0b65ab144223232021-12-17 11:29:25.057root 11241100x800000000000000085226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc138f8909eebf582021-12-17 11:29:25.057root 11241100x800000000000000085227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31b0a730e75706d32021-12-17 11:29:25.057root 11241100x800000000000000085228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccc31073b1a9ae842021-12-17 11:29:25.057root 11241100x800000000000000085229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54565d07f0cdba4a2021-12-17 11:29:25.057root 11241100x800000000000000085230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bfba5549b1cf4002021-12-17 11:29:25.057root 11241100x800000000000000085231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc6173e5f8bcc2792021-12-17 11:29:25.057root 11241100x800000000000000085232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2118e93eccd43812021-12-17 11:29:25.057root 11241100x800000000000000085233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6498000ef81cc1992021-12-17 11:29:25.058root 11241100x800000000000000085234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75b63b50de536d592021-12-17 11:29:25.058root 11241100x800000000000000085235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09a9a9e60cd082ec2021-12-17 11:29:25.058root 11241100x800000000000000085236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0105e0a06faba31b2021-12-17 11:29:25.058root 11241100x800000000000000085237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88b79c6e9bd5e5ef2021-12-17 11:29:25.058root 11241100x800000000000000085238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d3482f94aab2c0e2021-12-17 11:29:25.058root 11241100x800000000000000085239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05fabfc0342df67a2021-12-17 11:29:25.058root 11241100x800000000000000085240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f917904f2fa336612021-12-17 11:29:25.059root 11241100x800000000000000085241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67fcac0c80f220392021-12-17 11:29:25.059root 11241100x800000000000000085242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd6290fd2c4a2c772021-12-17 11:29:25.059root 11241100x800000000000000085243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e01bc86266877f8a2021-12-17 11:29:25.059root 11241100x800000000000000085244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbd8b5f4719358ef2021-12-17 11:29:25.059root 11241100x800000000000000085245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18fc40387815e7aa2021-12-17 11:29:25.059root 11241100x800000000000000085246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d83cf614cede280c2021-12-17 11:29:25.059root 11241100x800000000000000085247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc6ac6e5878567902021-12-17 11:29:25.059root 11241100x800000000000000085248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80ebd04d9e0d80622021-12-17 11:29:25.059root 11241100x800000000000000085249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.314586f6111f2da62021-12-17 11:29:25.060root 11241100x800000000000000085250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de5ab7b7c162113a2021-12-17 11:29:25.060root 11241100x800000000000000085251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f273cac119797fb2021-12-17 11:29:25.060root 11241100x800000000000000085252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.840fba29ef42cd1a2021-12-17 11:29:25.061root 11241100x800000000000000085253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc378670ee0f99c12021-12-17 11:29:25.061root 11241100x800000000000000085254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3cbc2be7e4969d32021-12-17 11:29:25.061root 11241100x800000000000000085255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61656b02bc52a8c52021-12-17 11:29:25.061root 11241100x800000000000000085256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc313fbf89bcfe9a2021-12-17 11:29:25.061root 11241100x800000000000000085257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3465f2990bafa0e42021-12-17 11:29:25.061root 11241100x800000000000000085258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3045a10db426eb92021-12-17 11:29:25.061root 11241100x800000000000000085259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c6596d2cf31589f2021-12-17 11:29:25.061root 11241100x800000000000000085260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52ea255ef1fcac132021-12-17 11:29:25.061root 11241100x800000000000000085261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15a2077232343cc22021-12-17 11:29:25.062root 11241100x800000000000000085262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c289bac7646a47e2021-12-17 11:29:25.062root 11241100x800000000000000085263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cbbdaba0931d7a12021-12-17 11:29:25.062root 11241100x800000000000000085264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57385c15ba32e5c22021-12-17 11:29:25.062root 11241100x800000000000000085265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5dcf27d3885270e2021-12-17 11:29:25.062root 11241100x800000000000000085266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb06c72061d6cf5e2021-12-17 11:29:25.062root 11241100x800000000000000085267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e8d5a10aa7e84c02021-12-17 11:29:25.062root 11241100x800000000000000085268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.556{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef672850274bd1cd2021-12-17 11:29:25.556root 11241100x800000000000000085269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.841fcf4fe9d6a7a52021-12-17 11:29:25.557root 11241100x800000000000000085270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f911d46c79f5d662021-12-17 11:29:25.557root 11241100x800000000000000085271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05ab8626bf63a93f2021-12-17 11:29:25.557root 11241100x800000000000000085272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.080111854cd278922021-12-17 11:29:25.557root 11241100x800000000000000085273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f31f1824e9fc00e2021-12-17 11:29:25.557root 11241100x800000000000000085274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5575c62df4dc15c72021-12-17 11:29:25.557root 11241100x800000000000000085275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.903e3c9a9e93adae2021-12-17 11:29:25.557root 11241100x800000000000000085276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7448dfc984bc156e2021-12-17 11:29:25.557root 11241100x800000000000000085277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9349dbfaa92f80ee2021-12-17 11:29:25.557root 11241100x800000000000000085278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfdaa70e0a210c212021-12-17 11:29:25.557root 11241100x800000000000000085279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b09cba449c48a4c2021-12-17 11:29:25.558root 11241100x800000000000000085280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fcac7189662ffc52021-12-17 11:29:25.558root 11241100x800000000000000085281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d5a496bf8d6725d2021-12-17 11:29:25.558root 11241100x800000000000000085282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35e1a4710ab4b6382021-12-17 11:29:25.558root 11241100x800000000000000085283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66232269e6f91ff52021-12-17 11:29:25.558root 11241100x800000000000000085284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3469acef632fe9d72021-12-17 11:29:25.558root 11241100x800000000000000085285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3151f891282ff1932021-12-17 11:29:25.558root 11241100x800000000000000085286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0141855b9d3949be2021-12-17 11:29:25.558root 11241100x800000000000000085287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fadf248fc1671a3c2021-12-17 11:29:25.558root 11241100x800000000000000085288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caca07ce7bf64d902021-12-17 11:29:25.559root 11241100x800000000000000085289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfbb1db7a5ab5dee2021-12-17 11:29:25.559root 11241100x800000000000000085290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.513a0dff4f72ec232021-12-17 11:29:25.559root 11241100x800000000000000085291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32a5c85f8355ca592021-12-17 11:29:25.559root 11241100x800000000000000085292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7e9895393446d412021-12-17 11:29:25.559root 11241100x800000000000000085293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd40cd3be01371a22021-12-17 11:29:25.559root 11241100x800000000000000085294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.894d7fcc02096dc32021-12-17 11:29:25.559root 11241100x800000000000000085295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb29f11dd4fb89f72021-12-17 11:29:25.560root 11241100x800000000000000085296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a744a0b713b00d2c2021-12-17 11:29:25.560root 11241100x800000000000000085297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b88c142d3c7a216d2021-12-17 11:29:25.560root 11241100x800000000000000085298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17abb16818aef1a72021-12-17 11:29:25.560root 11241100x800000000000000085299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8255dee4d2bcd402021-12-17 11:29:25.560root 11241100x800000000000000085300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83d3678060f46d4f2021-12-17 11:29:25.560root 11241100x800000000000000085301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb044c716f74e00d2021-12-17 11:29:25.560root 11241100x800000000000000085302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48963fc774ad0bfb2021-12-17 11:29:25.561root 11241100x800000000000000085303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fa201a8c473cb3e2021-12-17 11:29:25.561root 11241100x800000000000000085304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a028c00c8a37a7712021-12-17 11:29:25.561root 11241100x800000000000000085305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c93dfc69585b4202021-12-17 11:29:25.561root 11241100x800000000000000085306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4207d8ded5dac4e2021-12-17 11:29:25.561root 11241100x800000000000000085307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe7ff97fd68ef5c62021-12-17 11:29:25.561root 11241100x800000000000000085308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:25.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba3621ee6907de052021-12-17 11:29:25.561root 11241100x800000000000000085309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61a4b48ad9db66a52021-12-17 11:29:26.057root 11241100x800000000000000085310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4cb03c69ed40b532021-12-17 11:29:26.057root 11241100x800000000000000085311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b194762c56508b22021-12-17 11:29:26.057root 11241100x800000000000000085312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaec97c1830a64182021-12-17 11:29:26.057root 11241100x800000000000000085313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bc3ec6f1f4ef6502021-12-17 11:29:26.057root 11241100x800000000000000085314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b20d346b719cf9cd2021-12-17 11:29:26.057root 11241100x800000000000000085315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cc707d83bd46a892021-12-17 11:29:26.057root 11241100x800000000000000085316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a4009cffe0304dc2021-12-17 11:29:26.057root 11241100x800000000000000085317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cb2f6862edd0f3a2021-12-17 11:29:26.057root 11241100x800000000000000085318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc1e926be8b1f5ba2021-12-17 11:29:26.058root 11241100x800000000000000085319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.817549aa47c6b04b2021-12-17 11:29:26.058root 11241100x800000000000000085320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4e76451d00e48d92021-12-17 11:29:26.058root 11241100x800000000000000085321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e228f5c4c93dcc332021-12-17 11:29:26.058root 11241100x800000000000000085322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3144f47d0b3df132021-12-17 11:29:26.058root 11241100x800000000000000085323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5db54db4dd7c1d42021-12-17 11:29:26.058root 11241100x800000000000000085324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8ef3b33cb2554922021-12-17 11:29:26.058root 11241100x800000000000000085325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.625912be233e85ea2021-12-17 11:29:26.058root 11241100x800000000000000085326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19ce2318b07722312021-12-17 11:29:26.058root 11241100x800000000000000085327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13098df95eaa9ab52021-12-17 11:29:26.059root 11241100x800000000000000085328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25e7e9783659b3be2021-12-17 11:29:26.059root 11241100x800000000000000085329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04a083294118dbbb2021-12-17 11:29:26.059root 11241100x800000000000000085330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cda517ab5aeff4902021-12-17 11:29:26.059root 11241100x800000000000000085331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a86be7b549d85dc02021-12-17 11:29:26.059root 11241100x800000000000000085332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1589012df59b645f2021-12-17 11:29:26.059root 11241100x800000000000000085333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd8ca97490455d272021-12-17 11:29:26.059root 11241100x800000000000000085334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de1dde5e6df9a1702021-12-17 11:29:26.059root 11241100x800000000000000085335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa95a0d2daa01fa82021-12-17 11:29:26.059root 11241100x800000000000000085336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec298b8ed8706b232021-12-17 11:29:26.059root 11241100x800000000000000085337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.071f405fd44266842021-12-17 11:29:26.060root 11241100x800000000000000085338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e726db7f630cbe072021-12-17 11:29:26.060root 11241100x800000000000000085339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d815f1f9886b5c52021-12-17 11:29:26.060root 11241100x800000000000000085340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19e302cd3ad0e85e2021-12-17 11:29:26.060root 11241100x800000000000000085341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc54de3a0a282c532021-12-17 11:29:26.557root 11241100x800000000000000085342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29826b8edfe44cf42021-12-17 11:29:26.557root 11241100x800000000000000085343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bbd7465c7a9aa562021-12-17 11:29:26.557root 11241100x800000000000000085344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9214403f91bc60f32021-12-17 11:29:26.557root 11241100x800000000000000085345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b3b7cee79ca6f022021-12-17 11:29:26.557root 11241100x800000000000000085346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.169f8ba0e646da662021-12-17 11:29:26.558root 11241100x800000000000000085347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a71bafef2c7391712021-12-17 11:29:26.558root 11241100x800000000000000085348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27cad657f3a570bb2021-12-17 11:29:26.558root 11241100x800000000000000085349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.562e3a769b4992612021-12-17 11:29:26.558root 11241100x800000000000000085350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5b00abf935d02912021-12-17 11:29:26.558root 11241100x800000000000000085351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a23f84d284cdc32f2021-12-17 11:29:26.558root 11241100x800000000000000085352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63f0b66a704b9d562021-12-17 11:29:26.558root 11241100x800000000000000085353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.697235b5abd9c3ef2021-12-17 11:29:26.558root 11241100x800000000000000085354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be71153d4561ae222021-12-17 11:29:26.559root 11241100x800000000000000085355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0eb577049e684722021-12-17 11:29:26.559root 11241100x800000000000000085356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3875f6c3f2091c512021-12-17 11:29:26.559root 11241100x800000000000000085357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6e241c5a18ad7272021-12-17 11:29:26.559root 11241100x800000000000000085358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8b6b5a50438fe9c2021-12-17 11:29:26.559root 11241100x800000000000000085359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4019974ef88c59d02021-12-17 11:29:26.559root 11241100x800000000000000085360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.559{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ea69e3c4a96d1f42021-12-17 11:29:26.559root 11241100x800000000000000085361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.478a5f867acb7e2e2021-12-17 11:29:26.560root 11241100x800000000000000085362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24d227a7f8d1a9892021-12-17 11:29:26.560root 11241100x800000000000000085363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.578455071f496e632021-12-17 11:29:26.560root 11241100x800000000000000085364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2ae5a5dd8111cf02021-12-17 11:29:26.560root 11241100x800000000000000085365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9991ca1569648d382021-12-17 11:29:26.560root 11241100x800000000000000085366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.271a7f9f2864f9462021-12-17 11:29:26.560root 11241100x800000000000000085367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.337bdc1029f5b1152021-12-17 11:29:26.560root 11241100x800000000000000085368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f84f10740e84a7c2021-12-17 11:29:26.560root 11241100x800000000000000085369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.560{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46d0c21c82fc76022021-12-17 11:29:26.560root 11241100x800000000000000085370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c27cd88354ccea272021-12-17 11:29:26.561root 11241100x800000000000000085371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:26.561{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9eca0ffa0dd89042021-12-17 11:29:26.561root 11241100x800000000000000085372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0ab3ef38f0010162021-12-17 11:29:27.056root 11241100x800000000000000085373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fb7ef74d32dbe182021-12-17 11:29:27.056root 11241100x800000000000000085374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cd96df512d3045f2021-12-17 11:29:27.056root 11241100x800000000000000085375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.056{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e0db8fb081dba802021-12-17 11:29:27.056root 11241100x800000000000000085376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.658ec14357b5a7422021-12-17 11:29:27.057root 11241100x800000000000000085377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c2cc6dd7d6998152021-12-17 11:29:27.057root 11241100x800000000000000085378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1eea662779641ef2021-12-17 11:29:27.057root 11241100x800000000000000085379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f441396a242d3b1e2021-12-17 11:29:27.057root 11241100x800000000000000085380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb280c4c7e7664ac2021-12-17 11:29:27.057root 11241100x800000000000000085381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91184f643fc082552021-12-17 11:29:27.057root 11241100x800000000000000085382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d59a4086648a8f312021-12-17 11:29:27.057root 11241100x800000000000000085383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af14255a209797042021-12-17 11:29:27.057root 11241100x800000000000000085384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.057{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90bea07e1f25caba2021-12-17 11:29:27.057root 11241100x800000000000000085385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0129de4ca0ba1bd42021-12-17 11:29:27.058root 11241100x800000000000000085386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fab515ce5c9d3a032021-12-17 11:29:27.058root 11241100x800000000000000085387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8438b4695711e8432021-12-17 11:29:27.058root 11241100x800000000000000085388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.876570b0cd1cb4762021-12-17 11:29:27.058root 11241100x800000000000000085389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2c32d0171f03add2021-12-17 11:29:27.058root 11241100x800000000000000085390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67aed0dd385836f62021-12-17 11:29:27.058root 11241100x800000000000000085391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc2f4665a9c7f13d2021-12-17 11:29:27.058root 11241100x800000000000000085392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa09275a849452c42021-12-17 11:29:27.058root 11241100x800000000000000085393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.058{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3913ac6891c2d392021-12-17 11:29:27.058root 11241100x800000000000000085394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76a0a32ec8f25fdc2021-12-17 11:29:27.059root 11241100x800000000000000085395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9330e51932532c9b2021-12-17 11:29:27.059root 11241100x800000000000000085396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f90f6fb8da1f6382021-12-17 11:29:27.059root 11241100x800000000000000085397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.738d4724caa5ce9c2021-12-17 11:29:27.059root 11241100x800000000000000085398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.104a42ec43d840c92021-12-17 11:29:27.059root 11241100x800000000000000085399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e59d0dc8ef8818782021-12-17 11:29:27.059root 11241100x800000000000000085400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a7a2827e0a1d1892021-12-17 11:29:27.059root 11241100x800000000000000085401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11b6fbc2c51a17022021-12-17 11:29:27.059root 11241100x800000000000000085402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a5322f37fc897542021-12-17 11:29:27.059root 11241100x800000000000000085403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.059{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7397d57fc18fc6702021-12-17 11:29:27.059root 11241100x800000000000000085404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcbeefbfdcbbced22021-12-17 11:29:27.060root 11241100x800000000000000085405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81762fbbefb816b52021-12-17 11:29:27.060root 11241100x800000000000000085406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe11f88f0fa027572021-12-17 11:29:27.060root 11241100x800000000000000085407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.060{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e04ecc7a30ae48d32021-12-17 11:29:27.060root 11241100x800000000000000085408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.127bbc87d2aa91f02021-12-17 11:29:27.061root 11241100x800000000000000085409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09e9a277eb2d59922021-12-17 11:29:27.061root 11241100x800000000000000085410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82a99a7e23b1eec92021-12-17 11:29:27.061root 11241100x800000000000000085411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.061{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a87051a613b7973f2021-12-17 11:29:27.061root 11241100x800000000000000085412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93e1ea5533eae76f2021-12-17 11:29:27.062root 11241100x800000000000000085413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45325bf2699eddc42021-12-17 11:29:27.062root 11241100x800000000000000085414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b50deeb19cbbdcea2021-12-17 11:29:27.062root 11241100x800000000000000085415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a01d287f1db91a142021-12-17 11:29:27.062root 11241100x800000000000000085416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.062{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a50f18c8b1f0eec2021-12-17 11:29:27.062root 11241100x800000000000000085417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1e66ddc1660d5df2021-12-17 11:29:27.063root 11241100x800000000000000085418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5de0d9f1b232c2d2021-12-17 11:29:27.063root 11241100x800000000000000085419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05010115f73b346a2021-12-17 11:29:27.063root 11241100x800000000000000085420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68b13d6a3121a3272021-12-17 11:29:27.063root 11241100x800000000000000085421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfd727caeaa02ec42021-12-17 11:29:27.063root 11241100x800000000000000085422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.179861b1cf56a1b22021-12-17 11:29:27.063root 11241100x800000000000000085423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.063{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.265fcb7f7306c9582021-12-17 11:29:27.063root 11241100x800000000000000085424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.695ec8ce3844f6372021-12-17 11:29:27.064root 11241100x800000000000000085425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f65f243326061b832021-12-17 11:29:27.064root 11241100x800000000000000085426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43b16b9c7002b2fa2021-12-17 11:29:27.064root 11241100x800000000000000085427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e921a6febf9a30ec2021-12-17 11:29:27.064root 11241100x800000000000000085428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c16ab5ae31be24c82021-12-17 11:29:27.064root 11241100x800000000000000085429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3ee6d982cfc483a2021-12-17 11:29:27.064root 11241100x800000000000000085430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.064{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a0520516e94c8dc2021-12-17 11:29:27.064root 11241100x800000000000000085431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9eeca4bcef92d3612021-12-17 11:29:27.557root 11241100x800000000000000085432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f524e9e2ed94257e2021-12-17 11:29:27.557root 11241100x800000000000000085433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d24f6b46216100d2021-12-17 11:29:27.557root 11241100x800000000000000085434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12edd6d5f424e4322021-12-17 11:29:27.557root 11241100x800000000000000085435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.557{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32b9615ebc460fc02021-12-17 11:29:27.557root 11241100x800000000000000085436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cfbe33e53fb28452021-12-17 11:29:27.558root 11241100x800000000000000085437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-216-2021-12-17 11:29:27.558{ec28ba6a-70a0-61bc-3048-f825f0550000}5243/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b22d45d675537fa2021-12-17 11:29:27.558root 11241100x800000