11241100x8000000000000000856501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.643840f3cb5b53472021-12-20 16:36:00.174root
11241100x8000000000000000856502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63c480b47a2d90652021-12-20 16:36:00.174root
11241100x8000000000000000856503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe253c22085c7de42021-12-20 16:36:00.174root
11241100x8000000000000000856504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cc64d78b35d1b0e2021-12-20 16:36:00.174root
11241100x8000000000000000856505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.645b7692736979cb2021-12-20 16:36:00.174root
11241100x8000000000000000856506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec3b9d61d8462c5a2021-12-20 16:36:00.175root
11241100x8000000000000000856507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19a38df2363834b72021-12-20 16:36:00.175root
11241100x8000000000000000856508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c453e093a98332102021-12-20 16:36:00.175root
11241100x8000000000000000856509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bb2f760af8286d52021-12-20 16:36:00.175root
11241100x8000000000000000856510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91a0011db45df3c42021-12-20 16:36:00.175root
11241100x8000000000000000856511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20dd2007493fa0ad2021-12-20 16:36:00.175root
11241100x8000000000000000856512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6532abbb2250d4b2021-12-20 16:36:00.175root
11241100x8000000000000000856513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9322fdea695c36a22021-12-20 16:36:00.176root
11241100x8000000000000000856514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a290a5b0466984b52021-12-20 16:36:00.176root
11241100x8000000000000000856515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.400fc15301351fb42021-12-20 16:36:00.177root
11241100x8000000000000000856516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e06d113f7b4236f2021-12-20 16:36:00.177root
11241100x8000000000000000856517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.002bb639d6405b722021-12-20 16:36:00.177root
11241100x8000000000000000856518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc30b9f06b778dcd2021-12-20 16:36:00.178root
11241100x8000000000000000856519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa15c45f2e6cd8342021-12-20 16:36:00.178root
11241100x8000000000000000856520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a837411453141e3b2021-12-20 16:36:00.178root
11241100x8000000000000000856521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2521f1e55e55b24b2021-12-20 16:36:00.178root
11241100x8000000000000000856522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b528b048da84c9cc2021-12-20 16:36:00.179root
11241100x8000000000000000856523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6137a6d365b78892021-12-20 16:36:00.179root
11241100x8000000000000000856524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6d5479f4f0bd8cf2021-12-20 16:36:00.179root
11241100x8000000000000000856525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.276c7a948e70ff092021-12-20 16:36:00.179root
11241100x8000000000000000856526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac1bede2dae425a12021-12-20 16:36:00.179root
11241100x8000000000000000856527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.180{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05b2728693a7fbde2021-12-20 16:36:00.180root
11241100x8000000000000000856528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.180{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ebf433ceea2d7dd2021-12-20 16:36:00.180root
11241100x8000000000000000856529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99776ad7b8cb746f2021-12-20 16:36:00.674root
11241100x8000000000000000856530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbb40712f8a25b912021-12-20 16:36:00.674root
11241100x8000000000000000856531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8da45f4c811a95d2021-12-20 16:36:00.675root
11241100x8000000000000000856532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbbb65f3d924b8492021-12-20 16:36:00.675root
11241100x8000000000000000856533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a15067154e658ff02021-12-20 16:36:00.675root
11241100x8000000000000000856534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7e11ee18f66dcd02021-12-20 16:36:00.675root
11241100x8000000000000000856535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a21460e71f38946b2021-12-20 16:36:00.675root
11241100x8000000000000000856536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d42c24a3a47762e2021-12-20 16:36:00.676root
11241100x8000000000000000856537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.915ec5f1d8d1de502021-12-20 16:36:00.676root
11241100x8000000000000000856538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e3037e814c4afad2021-12-20 16:36:00.676root
11241100x8000000000000000856539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a15fcbc98ec136de2021-12-20 16:36:00.676root
11241100x8000000000000000856540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.290b89c6313dc9ba2021-12-20 16:36:00.677root
11241100x8000000000000000856541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9b98dce59996cd52021-12-20 16:36:00.677root
11241100x8000000000000000856542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a7ef4b624cd32a42021-12-20 16:36:00.677root
11241100x8000000000000000856543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e02b31f2d9556622021-12-20 16:36:00.678root
11241100x8000000000000000856544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a254ad93413c7592021-12-20 16:36:00.678root
11241100x8000000000000000856545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.507004112781232c2021-12-20 16:36:00.678root
11241100x8000000000000000856546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4173513776b2873e2021-12-20 16:36:00.679root
11241100x8000000000000000856547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.640826f7b2be28312021-12-20 16:36:00.679root
11241100x8000000000000000856548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.657a2c5e4a84e5e22021-12-20 16:36:00.679root
11241100x8000000000000000856549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81715e8863923e662021-12-20 16:36:00.679root
11241100x8000000000000000856550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.680{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dea5a2541bc07352021-12-20 16:36:00.680root
11241100x8000000000000000856551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.680{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.103f5c890ca9def92021-12-20 16:36:00.680root
11241100x8000000000000000856552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.680{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f3f8ea6c1f6ade82021-12-20 16:36:00.680root
11241100x8000000000000000856553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.680{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.810ff7681d81d3232021-12-20 16:36:00.680root
11241100x8000000000000000856554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:00.680{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0597fea9089ca7b22021-12-20 16:36:00.680root
11241100x8000000000000000856555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f99f8637e72df2cb2021-12-20 16:36:01.175root
11241100x8000000000000000856556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.287a1c7f90b0d6562021-12-20 16:36:01.175root
11241100x8000000000000000856557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f8694b441412f7d2021-12-20 16:36:01.175root
11241100x8000000000000000856558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.373641f7a5acaa4c2021-12-20 16:36:01.175root
11241100x8000000000000000856559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94a212e3ae36094e2021-12-20 16:36:01.175root
11241100x8000000000000000856560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e576bbc1a56cffa62021-12-20 16:36:01.176root
11241100x8000000000000000856561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.158eac2cbfa7b32b2021-12-20 16:36:01.176root
11241100x8000000000000000856562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43c6855a4ca5dce32021-12-20 16:36:01.176root
11241100x8000000000000000856563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1732a7bef76c380d2021-12-20 16:36:01.176root
11241100x8000000000000000856564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b2f48605376d3072021-12-20 16:36:01.176root
11241100x8000000000000000856565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3da6d9f5caa364e92021-12-20 16:36:01.176root
11241100x8000000000000000856566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3aeffd9d8036c41a2021-12-20 16:36:01.176root
11241100x8000000000000000856567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e723efc5fb133d512021-12-20 16:36:01.177root
11241100x8000000000000000856568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b7611f232a5129a2021-12-20 16:36:01.177root
11241100x8000000000000000856569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5031a89b9ec3eca52021-12-20 16:36:01.177root
11241100x8000000000000000856570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8be7f7d8e47eedc62021-12-20 16:36:01.177root
11241100x8000000000000000856571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dd383277f92e9d82021-12-20 16:36:01.177root
11241100x8000000000000000856572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53c1997e502774582021-12-20 16:36:01.177root
11241100x8000000000000000856573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88fb40b1cb1ca8652021-12-20 16:36:01.177root
11241100x8000000000000000856574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1b99433a56f739a2021-12-20 16:36:01.178root
11241100x8000000000000000856575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.198c05772cfcfe302021-12-20 16:36:01.178root
11241100x8000000000000000856576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a90a5283940fd0a92021-12-20 16:36:01.178root
11241100x8000000000000000856577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b414bc22806bad52021-12-20 16:36:01.178root
11241100x8000000000000000856578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4ed7ae7e89adcf92021-12-20 16:36:01.178root
11241100x8000000000000000856579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8011884f2c584f52021-12-20 16:36:01.178root
11241100x8000000000000000856580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d46ed96802ff951b2021-12-20 16:36:01.674root
11241100x8000000000000000856581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1bf04f9b6b12d5f2021-12-20 16:36:01.674root
11241100x8000000000000000856582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faa4c4699aa046b72021-12-20 16:36:01.675root
11241100x8000000000000000856583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.867a310406fb5f262021-12-20 16:36:01.675root
11241100x8000000000000000856584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6309a39623eccaca2021-12-20 16:36:01.675root
11241100x8000000000000000856585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2482740fe4bd45f2021-12-20 16:36:01.675root
11241100x8000000000000000856586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.904b719c893c208c2021-12-20 16:36:01.675root
11241100x8000000000000000856587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3301ed9b959e449b2021-12-20 16:36:01.675root
11241100x8000000000000000856588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a63ef4dd80e793e2021-12-20 16:36:01.675root
11241100x8000000000000000856589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b18d04a2a8ca2a62021-12-20 16:36:01.675root
11241100x8000000000000000856590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbe35c998c56669b2021-12-20 16:36:01.675root
11241100x8000000000000000856591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a83e966c6c889dc2021-12-20 16:36:01.676root
11241100x8000000000000000856592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64249536c31060e42021-12-20 16:36:01.676root
11241100x8000000000000000856593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.251ab72d497ac9fb2021-12-20 16:36:01.676root
11241100x8000000000000000856594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.039f025559d06c282021-12-20 16:36:01.676root
11241100x8000000000000000856595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d455e9b5fe78ebdb2021-12-20 16:36:01.676root
11241100x8000000000000000856596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.addde7db69c05efa2021-12-20 16:36:01.676root
11241100x8000000000000000856597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a3120c51e4108112021-12-20 16:36:01.676root
11241100x8000000000000000856598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43f538747f88ee052021-12-20 16:36:01.677root
11241100x8000000000000000856599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b6998371ef723512021-12-20 16:36:01.677root
11241100x8000000000000000856600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4be9991f6fe4bc152021-12-20 16:36:01.677root
11241100x8000000000000000856601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0837b8718b2947182021-12-20 16:36:01.677root
11241100x8000000000000000856602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6e648b6169a02942021-12-20 16:36:01.677root
11241100x8000000000000000856603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ed276a2160535e92021-12-20 16:36:01.677root
11241100x8000000000000000856604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:01.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d1deed2381ec1382021-12-20 16:36:01.677root
11241100x8000000000000000856605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49ef3bc176bdd2422021-12-20 16:36:02.174root
11241100x8000000000000000856606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.685fd19f334f812a2021-12-20 16:36:02.174root
11241100x8000000000000000856607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ff018b0b278f81c2021-12-20 16:36:02.174root
11241100x8000000000000000856608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a5a3196162bd9e92021-12-20 16:36:02.174root
11241100x8000000000000000856609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.105d1ba438ad23c92021-12-20 16:36:02.174root
11241100x8000000000000000856610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e45dc3c10663d9a2021-12-20 16:36:02.175root
11241100x8000000000000000856611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e76d768bc5a279c62021-12-20 16:36:02.175root
11241100x8000000000000000856612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a64aa948100a04a72021-12-20 16:36:02.175root
11241100x8000000000000000856613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e37e25c07f84cca02021-12-20 16:36:02.175root
11241100x8000000000000000856614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5557e0bd48c227a2021-12-20 16:36:02.175root
11241100x8000000000000000856615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f513227d4e8a52602021-12-20 16:36:02.175root
11241100x8000000000000000856616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56942cfea000bb342021-12-20 16:36:02.176root
11241100x8000000000000000856617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ea533d1e417344e2021-12-20 16:36:02.176root
11241100x8000000000000000856618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12feba8112729b672021-12-20 16:36:02.176root
11241100x8000000000000000856619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.339c9f310356efff2021-12-20 16:36:02.176root
11241100x8000000000000000856620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c8251aadbfffe0c2021-12-20 16:36:02.176root
11241100x8000000000000000856621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e63c934425f6a8cd2021-12-20 16:36:02.176root
11241100x8000000000000000856622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81591d0961db871c2021-12-20 16:36:02.177root
11241100x8000000000000000856623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d88313cb95f692b2021-12-20 16:36:02.177root
11241100x8000000000000000856624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7fcd6cf20fb97e02021-12-20 16:36:02.177root
11241100x8000000000000000856625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcac09938a1c6a192021-12-20 16:36:02.177root
11241100x8000000000000000856626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f250667ff7821972021-12-20 16:36:02.177root
11241100x8000000000000000856627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1c1326e084e47882021-12-20 16:36:02.177root
11241100x8000000000000000856628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae2baec948fab6b02021-12-20 16:36:02.178root
11241100x8000000000000000856629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd42c8dbf7043e692021-12-20 16:36:02.178root
11241100x8000000000000000856630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e727555048e20b52021-12-20 16:36:02.178root
11241100x8000000000000000856631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5f41de18e2974f42021-12-20 16:36:02.178root
11241100x8000000000000000856632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ec111edbf5f35e92021-12-20 16:36:02.178root
11241100x8000000000000000856633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b4bf168083957d22021-12-20 16:36:02.674root
11241100x8000000000000000856634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb52fbaca6d594d72021-12-20 16:36:02.674root
11241100x8000000000000000856635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.278eaa187194d7602021-12-20 16:36:02.674root
11241100x8000000000000000856636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93808af806d751642021-12-20 16:36:02.674root
11241100x8000000000000000856637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ce5a5ea759d57582021-12-20 16:36:02.674root
11241100x8000000000000000856638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8867c3229d366512021-12-20 16:36:02.675root
11241100x8000000000000000856639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae72acd6337895852021-12-20 16:36:02.675root
11241100x8000000000000000856640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.015974eeab94280b2021-12-20 16:36:02.675root
11241100x8000000000000000856641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b15b3a200d678642021-12-20 16:36:02.675root
11241100x8000000000000000856642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b99510184a5d9512021-12-20 16:36:02.676root
11241100x8000000000000000856643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e87a9b192c8d349d2021-12-20 16:36:02.676root
11241100x8000000000000000856644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fb11b1863b5fcac2021-12-20 16:36:02.678root
11241100x8000000000000000856645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f475a644052af282021-12-20 16:36:02.678root
11241100x8000000000000000856646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d3f14136adbbb392021-12-20 16:36:02.678root
11241100x8000000000000000856647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21b0e1b94ad0e8592021-12-20 16:36:02.678root
11241100x8000000000000000856648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86bcda16ae47130b2021-12-20 16:36:02.678root
11241100x8000000000000000856649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d28233f9db1ba672021-12-20 16:36:02.678root
11241100x8000000000000000856650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaedcd4f94fdd73a2021-12-20 16:36:02.678root
11241100x8000000000000000856651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb53a42d437fad2d2021-12-20 16:36:02.678root
11241100x8000000000000000856652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2df7cdbc9b35a3b02021-12-20 16:36:02.678root
11241100x8000000000000000856653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58838a72611530202021-12-20 16:36:02.678root
11241100x8000000000000000856654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.151a44584a631f7b2021-12-20 16:36:02.678root
11241100x8000000000000000856655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14d4d0020136464f2021-12-20 16:36:02.679root
11241100x8000000000000000856656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07d8da9b83f4a92e2021-12-20 16:36:02.679root
11241100x8000000000000000856657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27fb0ae82f31f8c82021-12-20 16:36:02.679root
11241100x8000000000000000856658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dd258857a41f4942021-12-20 16:36:02.679root
11241100x8000000000000000856659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b35b01a0c07f3d662021-12-20 16:36:02.679root
11241100x8000000000000000856660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:02.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e97f4c2ae2b35d582021-12-20 16:36:02.679root
11241100x8000000000000000856661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a0d06824c1efee72021-12-20 16:36:03.175root
11241100x8000000000000000856662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7349a469545f46e2021-12-20 16:36:03.175root
11241100x8000000000000000856663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0c5b519975f70552021-12-20 16:36:03.175root
11241100x8000000000000000856664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79df260666f4f5d42021-12-20 16:36:03.176root
11241100x8000000000000000856665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4745c0ece080ad7b2021-12-20 16:36:03.176root
11241100x8000000000000000856666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec7af588ba7074db2021-12-20 16:36:03.176root
11241100x8000000000000000856667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7c8064a60357eb12021-12-20 16:36:03.176root
11241100x8000000000000000856668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4f53d0e9ca2cbbf2021-12-20 16:36:03.176root
11241100x8000000000000000856669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eadb168f8509f6ce2021-12-20 16:36:03.176root
11241100x8000000000000000856670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.074f4652534e9b212021-12-20 16:36:03.176root
11241100x8000000000000000856671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4136e9d6c6bc511f2021-12-20 16:36:03.176root
11241100x8000000000000000856672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d922646a20d46e792021-12-20 16:36:03.176root
11241100x8000000000000000856673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c01ef5598118c6ea2021-12-20 16:36:03.177root
11241100x8000000000000000856674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.765c50843ecbcb382021-12-20 16:36:03.177root
11241100x8000000000000000856675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97791153bb08efad2021-12-20 16:36:03.177root
11241100x8000000000000000856676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3792e4a8d8da602b2021-12-20 16:36:03.177root
11241100x8000000000000000856677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69ba438475e96dc52021-12-20 16:36:03.177root
11241100x8000000000000000856678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08524c1c0f91fb952021-12-20 16:36:03.177root
11241100x8000000000000000856679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ce4a71f051be4382021-12-20 16:36:03.177root
11241100x8000000000000000856680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.333312e1b35d1d5f2021-12-20 16:36:03.178root
11241100x8000000000000000856681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d957774f2c2c71692021-12-20 16:36:03.178root
11241100x8000000000000000856682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a102e7fbce0ca3b12021-12-20 16:36:03.178root
11241100x8000000000000000856683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f55785629aa051592021-12-20 16:36:03.178root
11241100x8000000000000000856684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8ab03a9f54b04582021-12-20 16:36:03.179root
11241100x8000000000000000856685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.832aa87e792c4a3a2021-12-20 16:36:03.179root
11241100x8000000000000000856686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86cfcf0568a4650e2021-12-20 16:36:03.674root
11241100x8000000000000000856687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.394e853899d6525f2021-12-20 16:36:03.675root
11241100x8000000000000000856688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4c4cc5cd0356c482021-12-20 16:36:03.675root
11241100x8000000000000000856689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5db1323f2f45f202021-12-20 16:36:03.675root
11241100x8000000000000000856690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.469b38b81001c35c2021-12-20 16:36:03.675root
11241100x8000000000000000856691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8db028dbc0e6dff52021-12-20 16:36:03.675root
11241100x8000000000000000856692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bca1c68a3b0345c52021-12-20 16:36:03.675root
11241100x8000000000000000856693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c5b7ad88e0f03c02021-12-20 16:36:03.676root
11241100x8000000000000000856694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.340982024dcc4eeb2021-12-20 16:36:03.676root
11241100x8000000000000000856695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5514b3db9b6d84872021-12-20 16:36:03.676root
11241100x8000000000000000856696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0869441c856413732021-12-20 16:36:03.676root
11241100x8000000000000000856697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46e8913df4b990572021-12-20 16:36:03.676root
11241100x8000000000000000856698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23cd78e7dd87182e2021-12-20 16:36:03.676root
11241100x8000000000000000856699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.954ee7844b73f9e12021-12-20 16:36:03.676root
11241100x8000000000000000856700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e5226a76fb014cd2021-12-20 16:36:03.676root
11241100x8000000000000000856701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39bea3083d1ead292021-12-20 16:36:03.677root
11241100x8000000000000000856702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83b79a2656d4b6792021-12-20 16:36:03.677root
11241100x8000000000000000856703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a5959ece468e7fb2021-12-20 16:36:03.677root
11241100x8000000000000000856704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab1acae9a16303d52021-12-20 16:36:03.677root
11241100x8000000000000000856705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.681{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.451584e2506516d42021-12-20 16:36:03.681root
11241100x8000000000000000856706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.681{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33ee0802d28647cc2021-12-20 16:36:03.681root
11241100x8000000000000000856707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.682{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be29fbd2073d72d82021-12-20 16:36:03.682root
11241100x8000000000000000856708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.682{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.deec35b837758b5b2021-12-20 16:36:03.682root
11241100x8000000000000000856709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.682{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a9a77ce37fee23e2021-12-20 16:36:03.682root
11241100x8000000000000000856710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:03.682{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71617c332a20e5c72021-12-20 16:36:03.682root
11241100x8000000000000000856711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5daccf4583f516512021-12-20 16:36:04.174root
11241100x8000000000000000856712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.170ec77503a23fe12021-12-20 16:36:04.174root
11241100x8000000000000000856713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0156bda69758cd592021-12-20 16:36:04.174root
11241100x8000000000000000856714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6d809ac915c00e82021-12-20 16:36:04.174root
11241100x8000000000000000856715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d5a655196160def2021-12-20 16:36:04.175root
11241100x8000000000000000856716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7842747b22fc121a2021-12-20 16:36:04.175root
11241100x8000000000000000856717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a05a7b8f203252e72021-12-20 16:36:04.175root
11241100x8000000000000000856718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bfd345a46caf0082021-12-20 16:36:04.175root
11241100x8000000000000000856719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a07ff99bd99febd22021-12-20 16:36:04.175root
11241100x8000000000000000856720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.332dbb89f0a9bff32021-12-20 16:36:04.175root
11241100x8000000000000000856721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bd11883a4ae3ba62021-12-20 16:36:04.175root
11241100x8000000000000000856722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb92ce9299b8385f2021-12-20 16:36:04.175root
11241100x8000000000000000856723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67181813c6b6f71f2021-12-20 16:36:04.175root
11241100x8000000000000000856724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d313f853edf36a952021-12-20 16:36:04.175root
11241100x8000000000000000856725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6151d499b02094bf2021-12-20 16:36:04.175root
11241100x8000000000000000856726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f8125ad5737a0c22021-12-20 16:36:04.176root
11241100x8000000000000000856727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae58d062bbe149362021-12-20 16:36:04.176root
11241100x8000000000000000856728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3364ef36bc9c77722021-12-20 16:36:04.176root
11241100x8000000000000000856729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03c2b50f47b284072021-12-20 16:36:04.176root
11241100x8000000000000000856730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a78d063a7956a372021-12-20 16:36:04.176root
11241100x8000000000000000856731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a7739ce504914882021-12-20 16:36:04.176root
11241100x8000000000000000856732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1997e1fd1e0cee52021-12-20 16:36:04.176root
11241100x8000000000000000856733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b02da8720fccc2fb2021-12-20 16:36:04.176root
11241100x8000000000000000856734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfbabbc22c4ba6522021-12-20 16:36:04.176root
11241100x8000000000000000856735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bc43b26101439e82021-12-20 16:36:04.176root
11241100x8000000000000000856736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f0bedb3ada539692021-12-20 16:36:04.176root
11241100x8000000000000000856737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abae88890e5939e02021-12-20 16:36:04.176root
11241100x8000000000000000856738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c25612b1178c2162021-12-20 16:36:04.177root
354300x8000000000000000856739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.186{ec2c97d1-6aab-61c0-5175-3a0400000000}5261/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-52346-false10.0.1.12-8000-
11241100x8000000000000000856740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f77a731d369c2d452021-12-20 16:36:04.674root
11241100x8000000000000000856741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.624a73d9ecbc22292021-12-20 16:36:04.674root
11241100x8000000000000000856742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e07bc115e3b1341b2021-12-20 16:36:04.674root
11241100x8000000000000000856743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13c8fc60ae0838282021-12-20 16:36:04.674root
11241100x8000000000000000856744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aea2f6a2f995d8412021-12-20 16:36:04.674root
11241100x8000000000000000856745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6132693141a45c142021-12-20 16:36:04.675root
11241100x8000000000000000856746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2f152b8688048f32021-12-20 16:36:04.675root
11241100x8000000000000000856747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58ee2b9310e879ba2021-12-20 16:36:04.675root
11241100x8000000000000000856748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4650a77fb611bf072021-12-20 16:36:04.675root
11241100x8000000000000000856749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90b76ed8b59852b82021-12-20 16:36:04.675root
11241100x8000000000000000856750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6c10943e94e0c082021-12-20 16:36:04.675root
11241100x8000000000000000856751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f3a2184eedcf5ae2021-12-20 16:36:04.675root
11241100x8000000000000000856752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37947306bbf995272021-12-20 16:36:04.675root
11241100x8000000000000000856753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.698e80edbc3303132021-12-20 16:36:04.675root
11241100x8000000000000000856754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cb6dad4a60bcdd12021-12-20 16:36:04.675root
11241100x8000000000000000856755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.098668bff3fc12712021-12-20 16:36:04.676root
11241100x8000000000000000856756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86791219cc31c8662021-12-20 16:36:04.676root
11241100x8000000000000000856757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b7774b87410c7f62021-12-20 16:36:04.676root
11241100x8000000000000000856758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f22549363467093e2021-12-20 16:36:04.676root
11241100x8000000000000000856759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.924e6d24c798fd672021-12-20 16:36:04.676root
11241100x8000000000000000856760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e91c77a843010472021-12-20 16:36:04.676root
11241100x8000000000000000856761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c95f6d78e754efe2021-12-20 16:36:04.676root
11241100x8000000000000000856762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f70f4387259797d32021-12-20 16:36:04.677root
11241100x8000000000000000856763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e338e32ce04b96632021-12-20 16:36:04.677root
11241100x8000000000000000856764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c197ff4a389d2e242021-12-20 16:36:04.677root
11241100x8000000000000000856765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.042055acfe628ce52021-12-20 16:36:04.677root
11241100x8000000000000000856766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4c28e58072da0802021-12-20 16:36:04.677root
11241100x8000000000000000856767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fed9f4e5f03cbbd2021-12-20 16:36:04.677root
11241100x8000000000000000856768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78fc69371bed25102021-12-20 16:36:04.677root
11241100x8000000000000000856769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1804cef71fc6f3652021-12-20 16:36:04.678root
11241100x8000000000000000856770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a228057b2d46e2e2021-12-20 16:36:04.678root
11241100x8000000000000000856771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23c622fbfad270642021-12-20 16:36:04.678root
11241100x8000000000000000856772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1b12ccaf733b3f62021-12-20 16:36:04.678root
11241100x8000000000000000856773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1eb0cf800ce859612021-12-20 16:36:04.678root
11241100x8000000000000000856774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:04.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f158f4322ca28d9f2021-12-20 16:36:04.678root
11241100x8000000000000000856775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fc1ec9d0ade1b2a2021-12-20 16:36:05.174root
11241100x8000000000000000856776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6414bcff1e8605622021-12-20 16:36:05.174root
11241100x8000000000000000856777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb5c74efdc81a0de2021-12-20 16:36:05.175root
11241100x8000000000000000856778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.064aed385be966692021-12-20 16:36:05.175root
11241100x8000000000000000856779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c37d5535e8b102a2021-12-20 16:36:05.175root
11241100x8000000000000000856780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e32ddd25002294e72021-12-20 16:36:05.175root
11241100x8000000000000000856781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5583ed3f7627557e2021-12-20 16:36:05.175root
11241100x8000000000000000856782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a59e8e351dfe0052021-12-20 16:36:05.175root
11241100x8000000000000000856783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e0c5d6f8c1f43c52021-12-20 16:36:05.175root
11241100x8000000000000000856784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb218b6e41e186832021-12-20 16:36:05.176root
11241100x8000000000000000856785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a9e8a7cae5ca4312021-12-20 16:36:05.176root
11241100x8000000000000000856786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f72519dba6854b6e2021-12-20 16:36:05.176root
11241100x8000000000000000856787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a10a563f8bfa39d2021-12-20 16:36:05.176root
11241100x8000000000000000856788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.082563a24c9494922021-12-20 16:36:05.176root
11241100x8000000000000000856789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e3b32520def5dac2021-12-20 16:36:05.177root
11241100x8000000000000000856790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39687e4bd485091e2021-12-20 16:36:05.177root
11241100x8000000000000000856791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcb2f2c1f8129fef2021-12-20 16:36:05.177root
11241100x8000000000000000856792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20551a0e70118c072021-12-20 16:36:05.177root
11241100x8000000000000000856793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a3e27dfc4bcae4c2021-12-20 16:36:05.177root
11241100x8000000000000000856794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05d7a779d8b8d89d2021-12-20 16:36:05.177root
11241100x8000000000000000856795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b3d35acb8cccda22021-12-20 16:36:05.177root
11241100x8000000000000000856796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cc948333d9a6eb02021-12-20 16:36:05.177root
11241100x8000000000000000856797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb57766fd9dab7f92021-12-20 16:36:05.177root
11241100x8000000000000000856798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7180131523fc87ed2021-12-20 16:36:05.177root
11241100x8000000000000000856799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1cd41608bc32deb2021-12-20 16:36:05.178root
11241100x8000000000000000856800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d8f694e565b39ab2021-12-20 16:36:05.178root
11241100x8000000000000000856801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbda244f3da33f4f2021-12-20 16:36:05.674root
11241100x8000000000000000856802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae1fa2889311ae882021-12-20 16:36:05.674root
11241100x8000000000000000856803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.418df40349af9c522021-12-20 16:36:05.674root
11241100x8000000000000000856804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0815cd208c10c942021-12-20 16:36:05.674root
11241100x8000000000000000856805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6568c4b5c47f950f2021-12-20 16:36:05.675root
11241100x8000000000000000856806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e468ef0817ba54772021-12-20 16:36:05.675root
11241100x8000000000000000856807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f76a01dede5fbacd2021-12-20 16:36:05.675root
11241100x8000000000000000856808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9ff7535914f46e82021-12-20 16:36:05.675root
11241100x8000000000000000856809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6cdf9b3d1efb5292021-12-20 16:36:05.675root
11241100x8000000000000000856810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4b000a3180eeae32021-12-20 16:36:05.675root
11241100x8000000000000000856811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.760901792d74beba2021-12-20 16:36:05.676root
11241100x8000000000000000856812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7076eba865dae2442021-12-20 16:36:05.676root
11241100x8000000000000000856813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8250a52bc66f27b2021-12-20 16:36:05.677root
11241100x8000000000000000856814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa72ba845638e0a62021-12-20 16:36:05.677root
11241100x8000000000000000856815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04843fa81f55aaf92021-12-20 16:36:05.677root
11241100x8000000000000000856816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72dbc971e183e0902021-12-20 16:36:05.677root
11241100x8000000000000000856817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa16976de3d22b342021-12-20 16:36:05.677root
11241100x8000000000000000856818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1288dd8d8a80f972021-12-20 16:36:05.678root
11241100x8000000000000000856819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d32987d1ba392a652021-12-20 16:36:05.678root
11241100x8000000000000000856820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.370d942150df25692021-12-20 16:36:05.678root
11241100x8000000000000000856821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03a3bdadb889dd462021-12-20 16:36:05.678root
11241100x8000000000000000856822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1e4578db86a42892021-12-20 16:36:05.678root
11241100x8000000000000000856823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7235e78bdd9d2362021-12-20 16:36:05.679root
11241100x8000000000000000856824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.416365ccdafdd3062021-12-20 16:36:05.679root
11241100x8000000000000000856825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b10eaf0e0dac3b5c2021-12-20 16:36:05.679root
11241100x8000000000000000856826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7aae9667de2ff452021-12-20 16:36:05.679root
11241100x8000000000000000856827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f85ed1c2d5f15142021-12-20 16:36:05.679root
11241100x8000000000000000856828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.680{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.203caf3973f812832021-12-20 16:36:05.680root
11241100x8000000000000000856829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.680{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9819a1efca8033af2021-12-20 16:36:05.680root
11241100x8000000000000000856830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.680{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9415abcc965e10ff2021-12-20 16:36:05.680root
11241100x8000000000000000856831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.681{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6204c59c78cc1f1a2021-12-20 16:36:05.681root
11241100x8000000000000000856832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.681{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfb5355dd5802caf2021-12-20 16:36:05.681root
11241100x8000000000000000856833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.681{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22986523ab586a5b2021-12-20 16:36:05.681root
11241100x8000000000000000856834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.681{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fd97882a1f9a6152021-12-20 16:36:05.681root
11241100x8000000000000000856835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:05.885{ec2c97d1-6aa3-61c0-30c8-0d28b1550000}5188/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2021-12-20 16:36:05.885root
11241100x8000000000000000856836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7929519e9ca73c122021-12-20 16:36:06.174root
11241100x8000000000000000856837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.437c4cbeadfe25fd2021-12-20 16:36:06.174root
11241100x8000000000000000856838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc52b2bb3d0c27b12021-12-20 16:36:06.174root
11241100x8000000000000000856839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.828ca2984a9909cb2021-12-20 16:36:06.175root
11241100x8000000000000000856840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.007ea1236d1993ba2021-12-20 16:36:06.175root
11241100x8000000000000000856841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.092d461f6fcd8dd62021-12-20 16:36:06.175root
11241100x8000000000000000856842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81982b0533735b8f2021-12-20 16:36:06.175root
11241100x8000000000000000856843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f98e27f98db9c0e2021-12-20 16:36:06.175root
11241100x8000000000000000856844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.382847c35a5549d42021-12-20 16:36:06.175root
11241100x8000000000000000856845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d61a5370ac3bb6382021-12-20 16:36:06.175root
11241100x8000000000000000856846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3af2c88c0057f2182021-12-20 16:36:06.176root
11241100x8000000000000000856847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e3701b05a9bff422021-12-20 16:36:06.176root
11241100x8000000000000000856848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d554b784037feb2021-12-20 16:36:06.176root
11241100x8000000000000000856849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de33bdf588b0c28c2021-12-20 16:36:06.176root
11241100x8000000000000000856850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84406d1ed26f10f12021-12-20 16:36:06.176root
11241100x8000000000000000856851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1801f30a643c7412021-12-20 16:36:06.176root
11241100x8000000000000000856852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d73817d955dd929d2021-12-20 16:36:06.177root
11241100x8000000000000000856853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a90e1961df88626a2021-12-20 16:36:06.177root
11241100x8000000000000000856854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88caee290afb9a7e2021-12-20 16:36:06.177root
11241100x8000000000000000856855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2f4a32039e240902021-12-20 16:36:06.177root
11241100x8000000000000000856856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7fe209f90d8492f2021-12-20 16:36:06.177root
11241100x8000000000000000856857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.045424084cd138062021-12-20 16:36:06.178root
11241100x8000000000000000856858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b76ad794451257e62021-12-20 16:36:06.178root
11241100x8000000000000000856859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b396ea1989db97a2021-12-20 16:36:06.178root
11241100x8000000000000000856860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db53d6ad9e71a15c2021-12-20 16:36:06.178root
11241100x8000000000000000856861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.923d23310ec7d56c2021-12-20 16:36:06.178root
11241100x8000000000000000856862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6ea0793557e61212021-12-20 16:36:06.179root
11241100x8000000000000000856863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70e2ca1f50d3ae832021-12-20 16:36:06.179root
11241100x8000000000000000856864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0aa4dea9ca556bee2021-12-20 16:36:06.179root
11241100x8000000000000000856865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dccda0e0f089c3e32021-12-20 16:36:06.179root
11241100x8000000000000000856866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b48e215a130668fd2021-12-20 16:36:06.179root
11241100x8000000000000000856867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66f5611cf9cbcaaf2021-12-20 16:36:06.179root
11241100x8000000000000000856868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e61ee796b77d6f9b2021-12-20 16:36:06.674root
11241100x8000000000000000856869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d7b564e5c835cd62021-12-20 16:36:06.674root
11241100x8000000000000000856870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0af6bacfbe99383b2021-12-20 16:36:06.675root
11241100x8000000000000000856871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad0ab063ccf286ab2021-12-20 16:36:06.675root
11241100x8000000000000000856872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.012ed45c7ec3bd9d2021-12-20 16:36:06.675root
11241100x8000000000000000856873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc536847ba979e982021-12-20 16:36:06.675root
11241100x8000000000000000856874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19a71e3d9f70d2d62021-12-20 16:36:06.675root
11241100x8000000000000000856875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab283791408b11392021-12-20 16:36:06.675root
11241100x8000000000000000856876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19a140f81aecaaee2021-12-20 16:36:06.675root
11241100x8000000000000000856877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e11e3466e6af325b2021-12-20 16:36:06.675root
11241100x8000000000000000856878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bd08ee4e8048ca72021-12-20 16:36:06.675root
11241100x8000000000000000856879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7207eab08da941e52021-12-20 16:36:06.675root
11241100x8000000000000000856880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93b6408d4a5e00af2021-12-20 16:36:06.676root
11241100x8000000000000000856881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48bb26268212de942021-12-20 16:36:06.676root
11241100x8000000000000000856882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49a5849a6f4463072021-12-20 16:36:06.676root
11241100x8000000000000000856883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f3b2b98ed2031c42021-12-20 16:36:06.676root
11241100x8000000000000000856884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4d276a377d1c3252021-12-20 16:36:06.676root
11241100x8000000000000000856885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e4dac9df86d53c42021-12-20 16:36:06.676root
11241100x8000000000000000856886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8cae3286e0041442021-12-20 16:36:06.676root
11241100x8000000000000000856887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d90a2eb7aafd104c2021-12-20 16:36:06.676root
11241100x8000000000000000856888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.221f6db64ae0079c2021-12-20 16:36:06.677root
11241100x8000000000000000856889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28dcee055e6f56842021-12-20 16:36:06.677root
11241100x8000000000000000856890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2e7aade1436e9172021-12-20 16:36:06.677root
11241100x8000000000000000856891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.930fc2fab9d932c42021-12-20 16:36:06.677root
11241100x8000000000000000856892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bf6e231288555842021-12-20 16:36:06.677root
11241100x8000000000000000856893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c91d58c206e0836b2021-12-20 16:36:06.677root
11241100x8000000000000000856894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:06.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a65169e26592b9682021-12-20 16:36:06.677root
11241100x8000000000000000856895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1312c10a76f205612021-12-20 16:36:07.174root
11241100x8000000000000000856896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b8e966f3f2aefec2021-12-20 16:36:07.174root
11241100x8000000000000000856897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffe07419b5d8174a2021-12-20 16:36:07.174root
11241100x8000000000000000856898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d55b9bd8046edcd32021-12-20 16:36:07.175root
11241100x8000000000000000856899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db53c132ef3c66fd2021-12-20 16:36:07.175root
11241100x8000000000000000856900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e8f7bd2582202ef2021-12-20 16:36:07.175root
11241100x8000000000000000856901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f7f14a4dc4d1c092021-12-20 16:36:07.175root
11241100x8000000000000000856902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.173e846b9e4194722021-12-20 16:36:07.175root
11241100x8000000000000000856903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.560ea8ccc04a22e02021-12-20 16:36:07.175root
11241100x8000000000000000856904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96f362c91ebc19bc2021-12-20 16:36:07.175root
11241100x8000000000000000856905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dafaaac5187aa4f52021-12-20 16:36:07.176root
11241100x8000000000000000856906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.589c44bc4a4f40392021-12-20 16:36:07.176root
11241100x8000000000000000856907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f56742da1fa440512021-12-20 16:36:07.176root
11241100x8000000000000000856908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ae9e9ad015766272021-12-20 16:36:07.176root
11241100x8000000000000000856909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac239d00b83394602021-12-20 16:36:07.176root
11241100x8000000000000000856910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4cb2d83ea1efa1e2021-12-20 16:36:07.176root
11241100x8000000000000000856911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4a29f8ab8eea8992021-12-20 16:36:07.177root
11241100x8000000000000000856912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf2cce40a4a7e1a92021-12-20 16:36:07.177root
11241100x8000000000000000856913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26ceddcb3fe9696e2021-12-20 16:36:07.177root
11241100x8000000000000000856914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a69531009aa853dd2021-12-20 16:36:07.177root
11241100x8000000000000000856915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d34f0e03dfe30b42021-12-20 16:36:07.177root
11241100x8000000000000000856916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9e2e36d4b1b900f2021-12-20 16:36:07.178root
11241100x8000000000000000856917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc5b6a151fb54df42021-12-20 16:36:07.178root
11241100x8000000000000000856918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8ad6b61587f5b042021-12-20 16:36:07.178root
11241100x8000000000000000856919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ce718bd0ffaef822021-12-20 16:36:07.178root
11241100x8000000000000000856920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b72d2a92f5e74f2c2021-12-20 16:36:07.178root
11241100x8000000000000000856921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6f7d944bfafa0422021-12-20 16:36:07.178root
11241100x8000000000000000856922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e68e8ba59d54252021-12-20 16:36:07.674root
11241100x8000000000000000856923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13b658a0f31fba9d2021-12-20 16:36:07.674root
11241100x8000000000000000856924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e26eadd09540ec8e2021-12-20 16:36:07.674root
11241100x8000000000000000856925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.988043fbe8fea8192021-12-20 16:36:07.675root
11241100x8000000000000000856926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67715e898f176ade2021-12-20 16:36:07.675root
11241100x8000000000000000856927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9eaf38b4cc5301222021-12-20 16:36:07.675root
11241100x8000000000000000856928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f93709b4f1dbd4d2021-12-20 16:36:07.675root
11241100x8000000000000000856929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f86850a9683298ef2021-12-20 16:36:07.675root
11241100x8000000000000000856930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.325098a3a437bb942021-12-20 16:36:07.675root
11241100x8000000000000000856931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edc6bf3976b66b242021-12-20 16:36:07.676root
11241100x8000000000000000856932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42e6b9c1f7ba26922021-12-20 16:36:07.676root
11241100x8000000000000000856933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6640177a9db6c13e2021-12-20 16:36:07.676root
11241100x8000000000000000856934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25dabf22536f8dac2021-12-20 16:36:07.677root
11241100x8000000000000000856935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f66471ed79550b902021-12-20 16:36:07.677root
11241100x8000000000000000856936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08b026b6d24a1f9c2021-12-20 16:36:07.677root
11241100x8000000000000000856937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a73012cfa8932ec52021-12-20 16:36:07.677root
11241100x8000000000000000856938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc682a279e0125522021-12-20 16:36:07.678root
11241100x8000000000000000856939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.680{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8289ab3f89c4ea3c2021-12-20 16:36:07.680root
11241100x8000000000000000856940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.680{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e4295b39f19eed82021-12-20 16:36:07.680root
11241100x8000000000000000856941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.680{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faa649caaec98d162021-12-20 16:36:07.680root
11241100x8000000000000000856942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.680{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ab4079c40d61c542021-12-20 16:36:07.680root
11241100x8000000000000000856943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.681{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d35990ad6a97543a2021-12-20 16:36:07.681root
11241100x8000000000000000856944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.682{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b69cb948db708452021-12-20 16:36:07.682root
11241100x8000000000000000856945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.682{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba4e52cd97aa5a7e2021-12-20 16:36:07.682root
11241100x8000000000000000856946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.682{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ad70ae2015213562021-12-20 16:36:07.682root
11241100x8000000000000000856947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.683{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3ebf4d79ce9e6ed2021-12-20 16:36:07.683root
11241100x8000000000000000856948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.684{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b98838535ed68b562021-12-20 16:36:07.684root
11241100x8000000000000000856949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:07.685{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.498b9ac6c78efd982021-12-20 16:36:07.685root
11241100x8000000000000000856950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0b6f18d5430ccf52021-12-20 16:36:08.175root
11241100x8000000000000000856951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cceb39669c57ec882021-12-20 16:36:08.175root
11241100x8000000000000000856952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80cd7d24e683b6f22021-12-20 16:36:08.175root
11241100x8000000000000000856953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f799d0820b30ad012021-12-20 16:36:08.175root
11241100x8000000000000000856954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c08d16f1339ba1432021-12-20 16:36:08.175root
11241100x8000000000000000856955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3831fd55f76c91fd2021-12-20 16:36:08.176root
11241100x8000000000000000856956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d99c1abfba765002021-12-20 16:36:08.176root
11241100x8000000000000000856957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5d19942b4538d2e2021-12-20 16:36:08.176root
11241100x8000000000000000856958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2a4ce3bf8d46d682021-12-20 16:36:08.176root
11241100x8000000000000000856959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a187b25be9230d052021-12-20 16:36:08.176root
11241100x8000000000000000856960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa47dd7f05dd3b932021-12-20 16:36:08.176root
11241100x8000000000000000856961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.832e319e7b04d1262021-12-20 16:36:08.176root
11241100x8000000000000000856962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dfa07524e4bc1772021-12-20 16:36:08.177root
11241100x8000000000000000856963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bf71eb23cf4e38d2021-12-20 16:36:08.177root
11241100x8000000000000000856964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cd207cf7fc6de9e2021-12-20 16:36:08.177root
11241100x8000000000000000856965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f6c3a904a00d6d72021-12-20 16:36:08.177root
11241100x8000000000000000856966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a43702049a67df32021-12-20 16:36:08.177root
11241100x8000000000000000856967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eabecd210a1eea7b2021-12-20 16:36:08.177root
11241100x8000000000000000856968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b5cd791037099082021-12-20 16:36:08.177root
11241100x8000000000000000856969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc6f5bb236165db02021-12-20 16:36:08.178root
11241100x8000000000000000856970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6334487037c259842021-12-20 16:36:08.178root
11241100x8000000000000000856971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cf6f85a42e032a72021-12-20 16:36:08.178root
11241100x8000000000000000856972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd3f2910efefeb1f2021-12-20 16:36:08.178root
11241100x8000000000000000856973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b58e924392ce69f2021-12-20 16:36:08.179root
11241100x8000000000000000856974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.451c71704b50e6ed2021-12-20 16:36:08.179root
11241100x8000000000000000856975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14521bff37ee3aab2021-12-20 16:36:08.179root
11241100x8000000000000000856976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bf269d473ef894e2021-12-20 16:36:08.179root
11241100x8000000000000000856977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ca217dd5b88a7092021-12-20 16:36:08.674root
11241100x8000000000000000856978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bea138a717bead12021-12-20 16:36:08.675root
11241100x8000000000000000856979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9167101caccb0222021-12-20 16:36:08.675root
11241100x8000000000000000856980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9aa8e86badc7e332021-12-20 16:36:08.675root
11241100x8000000000000000856981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdae6923d2f7e0b42021-12-20 16:36:08.675root
11241100x8000000000000000856982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94ef44cd8e7fda5d2021-12-20 16:36:08.676root
11241100x8000000000000000856983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44d771a967ddb2332021-12-20 16:36:08.676root
11241100x8000000000000000856984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4f05529d4559f5a2021-12-20 16:36:08.676root
11241100x8000000000000000856985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.438306fc5b4cdec32021-12-20 16:36:08.676root
11241100x8000000000000000856986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0321022705c13fa72021-12-20 16:36:08.676root
11241100x8000000000000000856987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.424ef91c28809cf42021-12-20 16:36:08.676root
11241100x8000000000000000856988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f3c88488dd516c42021-12-20 16:36:08.677root
11241100x8000000000000000856989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05b2c89333b98c1b2021-12-20 16:36:08.677root
11241100x8000000000000000856990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ceb168463d727592021-12-20 16:36:08.677root
11241100x8000000000000000856991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68a0348033b92c6c2021-12-20 16:36:08.677root
11241100x8000000000000000856992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1f4f394cd5ef60c2021-12-20 16:36:08.677root
11241100x8000000000000000856993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba7a31d7402294212021-12-20 16:36:08.677root
11241100x8000000000000000856994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae974551cc3b265b2021-12-20 16:36:08.677root
11241100x8000000000000000856995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a4603f62ae525502021-12-20 16:36:08.677root
11241100x8000000000000000856996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cc1250101bc59582021-12-20 16:36:08.678root
11241100x8000000000000000856997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54e342cc17440cc52021-12-20 16:36:08.678root
11241100x8000000000000000856998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33b3f1233dcfc7b62021-12-20 16:36:08.678root
11241100x8000000000000000856999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0295b4a6d40e45392021-12-20 16:36:08.678root
11241100x8000000000000000857000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00b5cb3799c5f68b2021-12-20 16:36:08.679root
11241100x8000000000000000857001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfa67ff16036d3732021-12-20 16:36:08.679root
11241100x8000000000000000857002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd82c9509b769db92021-12-20 16:36:08.679root
11241100x8000000000000000857003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc978971d21d34042021-12-20 16:36:08.679root
23542300x8000000000000000857004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:08.880{ec2c97d1-6aa3-61c0-30c8-0d28b1550000}5188root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log---
11241100x8000000000000000857005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.040d785c9e9db4102021-12-20 16:36:09.175root
11241100x8000000000000000857006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3bc901186742f452021-12-20 16:36:09.175root
11241100x8000000000000000857007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9243513eedd06b1a2021-12-20 16:36:09.176root
11241100x8000000000000000857008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2db9ca1c31d1b7862021-12-20 16:36:09.176root
11241100x8000000000000000857009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c84f452440b972792021-12-20 16:36:09.176root
11241100x8000000000000000857010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d4ca8e55029c2732021-12-20 16:36:09.176root
11241100x8000000000000000857011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b43a914d54f9ca72021-12-20 16:36:09.176root
11241100x8000000000000000857012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76faaad27b79dd852021-12-20 16:36:09.176root
11241100x8000000000000000857013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3c452527d7fd5c32021-12-20 16:36:09.176root
11241100x8000000000000000857014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35c6e23bc6a8f0552021-12-20 16:36:09.176root
11241100x8000000000000000857015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33523f720a6fed942021-12-20 16:36:09.176root
11241100x8000000000000000857016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5374d3b3bd43bd52021-12-20 16:36:09.176root
11241100x8000000000000000857017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcdffcb6fbfdf0dc2021-12-20 16:36:09.176root
11241100x8000000000000000857018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fdbc8f56f005bd72021-12-20 16:36:09.177root
11241100x8000000000000000857019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a904dbc14e035e62021-12-20 16:36:09.177root
11241100x8000000000000000857020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43eaa717a4202a592021-12-20 16:36:09.177root
11241100x8000000000000000857021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c6567ab24bf79652021-12-20 16:36:09.177root
11241100x8000000000000000857022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.404662e88c058f8d2021-12-20 16:36:09.177root
11241100x8000000000000000857023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c10e3313ce5d5852021-12-20 16:36:09.177root
11241100x8000000000000000857024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ead8fcdc36536b5a2021-12-20 16:36:09.178root
11241100x8000000000000000857025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b448a4e497aae8a2021-12-20 16:36:09.178root
11241100x8000000000000000857026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8688b4dc9a25ffb92021-12-20 16:36:09.178root
11241100x8000000000000000857027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8b916cf7e7b6ab02021-12-20 16:36:09.178root
11241100x8000000000000000857028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59ea1256b8d63ced2021-12-20 16:36:09.178root
11241100x8000000000000000857029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.623846b43bdc99af2021-12-20 16:36:09.179root
11241100x8000000000000000857030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.939863912c6cfe9d2021-12-20 16:36:09.179root
11241100x8000000000000000857031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b011b07949342792021-12-20 16:36:09.179root
11241100x8000000000000000857032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a5f951e79193e702021-12-20 16:36:09.179root
11241100x8000000000000000857033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e46a7f0a95b508f2021-12-20 16:36:09.179root
11241100x8000000000000000857034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a64e4a31910e260c2021-12-20 16:36:09.179root
11241100x8000000000000000857035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ba3f70b4507cecc2021-12-20 16:36:09.179root
11241100x8000000000000000857036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.180{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c387e7c28caaf742021-12-20 16:36:09.180root
11241100x8000000000000000857037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0614fd1818f207362021-12-20 16:36:09.674root
11241100x8000000000000000857038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfafe7ab3c870a2c2021-12-20 16:36:09.674root
11241100x8000000000000000857039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73fdedc6130ca02b2021-12-20 16:36:09.674root
11241100x8000000000000000857040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b34edd467a1865d52021-12-20 16:36:09.674root
11241100x8000000000000000857041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cc8d94a1c3eee762021-12-20 16:36:09.674root
11241100x8000000000000000857042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e32fb27e9f8156c2021-12-20 16:36:09.675root
11241100x8000000000000000857043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2158b34e6958011d2021-12-20 16:36:09.675root
11241100x8000000000000000857044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9747aeaee956b5312021-12-20 16:36:09.675root
11241100x8000000000000000857045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2d9823c37fca7a62021-12-20 16:36:09.675root
11241100x8000000000000000857046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72f805ae02ddf75f2021-12-20 16:36:09.675root
11241100x8000000000000000857047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e85d6caffb45116d2021-12-20 16:36:09.675root
11241100x8000000000000000857048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9676a65971937eb32021-12-20 16:36:09.675root
11241100x8000000000000000857049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dee366a153623c332021-12-20 16:36:09.675root
11241100x8000000000000000857050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c2d20ba4786a93d2021-12-20 16:36:09.675root
11241100x8000000000000000857051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c15ac1cee1d278112021-12-20 16:36:09.676root
11241100x8000000000000000857052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3daf16bd67eb0422021-12-20 16:36:09.676root
11241100x8000000000000000857053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.668486134577aba12021-12-20 16:36:09.676root
11241100x8000000000000000857054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eacb4e7b1d6e5f562021-12-20 16:36:09.676root
11241100x8000000000000000857055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3762bbad3e04a20f2021-12-20 16:36:09.676root
11241100x8000000000000000857056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.251bb3abcc02b13b2021-12-20 16:36:09.676root
11241100x8000000000000000857057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea5289c60e655bae2021-12-20 16:36:09.677root
11241100x8000000000000000857058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8df96c43ff842e4c2021-12-20 16:36:09.677root
11241100x8000000000000000857059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bec1bc71838e385e2021-12-20 16:36:09.677root
11241100x8000000000000000857060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c8d87ab7eaf812d2021-12-20 16:36:09.677root
11241100x8000000000000000857061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b296b5e247b281f2021-12-20 16:36:09.677root
11241100x8000000000000000857062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4d7ee4812c964792021-12-20 16:36:09.677root
11241100x8000000000000000857063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.221b052d55edaf2c2021-12-20 16:36:09.677root
11241100x8000000000000000857064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82d485d2ddeed07d2021-12-20 16:36:09.677root
11241100x8000000000000000857065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6699a77a458a13862021-12-20 16:36:09.677root
11241100x8000000000000000857066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a06c86ec6c73711e2021-12-20 16:36:09.678root
11241100x8000000000000000857067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4509e8d03ff4857e2021-12-20 16:36:09.678root
11241100x8000000000000000857068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2ba0bde7a4c4a1c2021-12-20 16:36:09.678root
11241100x8000000000000000857069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.209769276d5696482021-12-20 16:36:09.679root
11241100x8000000000000000857070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f20e4149d6d6cef92021-12-20 16:36:09.679root
11241100x8000000000000000857071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31c6ccc596d02b8c2021-12-20 16:36:09.679root
11241100x8000000000000000857072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:09.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0402b5bf4bfb1e6c2021-12-20 16:36:09.679root
354300x8000000000000000857073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.158{ec2c97d1-6aab-61c0-5175-3a0400000000}5261/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-52348-false10.0.1.12-8000-
11241100x8000000000000000857074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.159{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc774efbdaa2f4232021-12-20 16:36:10.159root
11241100x8000000000000000857075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.159{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67aff973e07ec4a72021-12-20 16:36:10.159root
11241100x8000000000000000857076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.159{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d243e67d61c6e7042021-12-20 16:36:10.159root
11241100x8000000000000000857077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.159{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c463866099cf1ba82021-12-20 16:36:10.159root
11241100x8000000000000000857078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.160{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95ab69d4bdf88ea02021-12-20 16:36:10.160root
11241100x8000000000000000857079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.160{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d93f78d5a0b2f322021-12-20 16:36:10.160root
11241100x8000000000000000857080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.160{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.131ef9e2ed1031352021-12-20 16:36:10.160root
11241100x8000000000000000857081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.160{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4822e9ccd618775f2021-12-20 16:36:10.160root
11241100x8000000000000000857082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.160{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c57499d24fe37f4a2021-12-20 16:36:10.160root
11241100x8000000000000000857083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.160{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.963886fc99ce59532021-12-20 16:36:10.160root
11241100x8000000000000000857084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.160{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.189aebee2f0287712021-12-20 16:36:10.160root
11241100x8000000000000000857085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.160{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77ac9f508985a54c2021-12-20 16:36:10.160root
11241100x8000000000000000857086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.161{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9365c0c6f2c730012021-12-20 16:36:10.161root
11241100x8000000000000000857087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.161{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3131fb07980100f2021-12-20 16:36:10.161root
11241100x8000000000000000857088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.161{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99d3862a6e6f77a62021-12-20 16:36:10.161root
11241100x8000000000000000857089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.161{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6dd6a49edd7687b2021-12-20 16:36:10.161root
11241100x8000000000000000857090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.161{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fc0649faf4763c72021-12-20 16:36:10.161root
11241100x8000000000000000857091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.161{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1264d4719c5a9cbb2021-12-20 16:36:10.161root
11241100x8000000000000000857092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.161{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7afabe68bf5ff7672021-12-20 16:36:10.161root
11241100x8000000000000000857093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.161{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a043e1ad6f9a23532021-12-20 16:36:10.161root
11241100x8000000000000000857094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.161{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e8548d2bc9510532021-12-20 16:36:10.161root
11241100x8000000000000000857095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.162{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5da06655fcd37c412021-12-20 16:36:10.162root
11241100x8000000000000000857096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.162{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08e8aac75880d78f2021-12-20 16:36:10.162root
11241100x8000000000000000857097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.162{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83f4d04dcefb87c92021-12-20 16:36:10.162root
11241100x8000000000000000857098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.162{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad191bc5ff5601672021-12-20 16:36:10.162root
11241100x8000000000000000857099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.162{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87132968ef66d3922021-12-20 16:36:10.162root
11241100x8000000000000000857100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.162{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3071b129711fd2172021-12-20 16:36:10.162root
11241100x8000000000000000857101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.162{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e6b9ac265f8c04a2021-12-20 16:36:10.162root
11241100x8000000000000000857102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.162{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d697bbef70c28af2021-12-20 16:36:10.162root
11241100x8000000000000000857103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.163{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abe5cb10477e0cdf2021-12-20 16:36:10.163root
11241100x8000000000000000857104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.163{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3821753de42b524b2021-12-20 16:36:10.163root
11241100x8000000000000000857105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.163{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91e6f6e9fa77b8382021-12-20 16:36:10.163root
11241100x8000000000000000857106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.163{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09f1c7b2509ed48b2021-12-20 16:36:10.163root
11241100x8000000000000000857107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.163{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8dedd112247ba402021-12-20 16:36:10.163root
11241100x8000000000000000857108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.163{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20039e92e2f9d2722021-12-20 16:36:10.163root
11241100x8000000000000000857109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de01fe6fa4a069872021-12-20 16:36:10.424root
11241100x8000000000000000857110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c88d16b8f8da1b092021-12-20 16:36:10.424root
11241100x8000000000000000857111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8547acc41e2d98c52021-12-20 16:36:10.424root
11241100x8000000000000000857112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06884a324646c0a72021-12-20 16:36:10.424root
11241100x8000000000000000857113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea8e268a6c897f172021-12-20 16:36:10.424root
11241100x8000000000000000857114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87b2e30bfa4327622021-12-20 16:36:10.424root
11241100x8000000000000000857115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bacad3062ffc8db2021-12-20 16:36:10.424root
11241100x8000000000000000857116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d708caafe6deca542021-12-20 16:36:10.424root
11241100x8000000000000000857117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db1f4e6a848b64f52021-12-20 16:36:10.425root
11241100x8000000000000000857118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b5de7154be2c4c82021-12-20 16:36:10.425root
11241100x8000000000000000857119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88ecb5ed019a1b402021-12-20 16:36:10.425root
11241100x8000000000000000857120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d1f742416b001352021-12-20 16:36:10.425root
11241100x8000000000000000857121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f06197e25e862e3a2021-12-20 16:36:10.425root
11241100x8000000000000000857122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee8202f6f3a6d9cf2021-12-20 16:36:10.425root
11241100x8000000000000000857123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f2510e54affa98d2021-12-20 16:36:10.425root
11241100x8000000000000000857124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92091d48a68891632021-12-20 16:36:10.426root
11241100x8000000000000000857125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42b309f5f0e8ea5e2021-12-20 16:36:10.426root
11241100x8000000000000000857126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da47b737ea5d4d732021-12-20 16:36:10.426root
11241100x8000000000000000857127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8932d045fe8c251d2021-12-20 16:36:10.426root
11241100x8000000000000000857128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ed52effc25445b02021-12-20 16:36:10.426root
11241100x8000000000000000857129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46695277647447562021-12-20 16:36:10.426root
11241100x8000000000000000857130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e0c9fa8dd9e8f8d2021-12-20 16:36:10.427root
11241100x8000000000000000857131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eeaf46c506a22762021-12-20 16:36:10.427root
11241100x8000000000000000857132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f4cfd03d19ab5892021-12-20 16:36:10.428root
11241100x8000000000000000857133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfc4a425fc737b502021-12-20 16:36:10.428root
11241100x8000000000000000857134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8bcdba55e2869482021-12-20 16:36:10.428root
11241100x8000000000000000857135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ced33892d0bb5a502021-12-20 16:36:10.428root
11241100x8000000000000000857136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c7c2063da97eabe2021-12-20 16:36:10.429root
11241100x8000000000000000857137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d35b58f86757e1212021-12-20 16:36:10.429root
11241100x8000000000000000857138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6c05b20ae254c952021-12-20 16:36:10.429root
11241100x8000000000000000857139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fabc354d77523fb62021-12-20 16:36:10.429root
11241100x8000000000000000857140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f479c67042b08a12021-12-20 16:36:10.429root
11241100x8000000000000000857141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95412dadf60830de2021-12-20 16:36:10.429root
11241100x8000000000000000857142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c438cf1f6dd52be02021-12-20 16:36:10.430root
11241100x8000000000000000857143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fc507fcc978bb042021-12-20 16:36:10.430root
11241100x8000000000000000857144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ded250312de54ac32021-12-20 16:36:10.430root
11241100x8000000000000000857145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9539dc7b7c2af2c12021-12-20 16:36:10.430root
11241100x8000000000000000857146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26792bfee0b98f762021-12-20 16:36:10.430root
11241100x8000000000000000857147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87737a5e230609ea2021-12-20 16:36:10.430root
11241100x8000000000000000857148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdcdcc778b0860062021-12-20 16:36:10.430root
11241100x8000000000000000857149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bd64688d8e73b222021-12-20 16:36:10.430root
11241100x8000000000000000857150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e51da603131cf042021-12-20 16:36:10.430root
11241100x8000000000000000857151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a32863018e679f52021-12-20 16:36:10.430root
11241100x8000000000000000857152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.431{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96bfb1ad0e3260b82021-12-20 16:36:10.431root
11241100x8000000000000000857153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.431{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4e44c11e37c49662021-12-20 16:36:10.431root
11241100x8000000000000000857154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.431{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.774de0df389f122a2021-12-20 16:36:10.431root
11241100x8000000000000000857155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.431{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63bc7d3586e70f072021-12-20 16:36:10.431root
11241100x8000000000000000857156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.431{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d5bf5da0ff778252021-12-20 16:36:10.431root
11241100x8000000000000000857157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.431{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.873dcd881536e4c52021-12-20 16:36:10.431root
11241100x8000000000000000857158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.431{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc61fe8457cad9592021-12-20 16:36:10.431root
11241100x8000000000000000857159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d31fe1514111f362021-12-20 16:36:10.924root
11241100x8000000000000000857160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.904e99e30f6afe1b2021-12-20 16:36:10.924root
11241100x8000000000000000857161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6536d4640a2906d2021-12-20 16:36:10.924root
11241100x8000000000000000857162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4eae74d33f920b42021-12-20 16:36:10.924root
11241100x8000000000000000857163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.348fc95d6003f38c2021-12-20 16:36:10.925root
11241100x8000000000000000857164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dd8f4cac5857f312021-12-20 16:36:10.925root
11241100x8000000000000000857165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acc9d050c5588e732021-12-20 16:36:10.925root
11241100x8000000000000000857166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52a66b8d6b69464d2021-12-20 16:36:10.925root
11241100x8000000000000000857167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.524dc4eb30864fa72021-12-20 16:36:10.925root
11241100x8000000000000000857168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e115ca4018dc91c2021-12-20 16:36:10.926root
11241100x8000000000000000857169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95a172bb830227682021-12-20 16:36:10.926root
11241100x8000000000000000857170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c526d31d3a927ec62021-12-20 16:36:10.926root
11241100x8000000000000000857171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9756f80a53bdf56e2021-12-20 16:36:10.926root
11241100x8000000000000000857172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7bae8fdea5bb6d82021-12-20 16:36:10.926root
11241100x8000000000000000857173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01f25b77a7dc18022021-12-20 16:36:10.926root
11241100x8000000000000000857174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d9ab8b0dcab02682021-12-20 16:36:10.926root
11241100x8000000000000000857175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35909827d4a4ea872021-12-20 16:36:10.926root
11241100x8000000000000000857176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b08366094eb40c4a2021-12-20 16:36:10.926root
11241100x8000000000000000857177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a321dde0e6bdb4a82021-12-20 16:36:10.927root
11241100x8000000000000000857178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b84d0836fd52e8ee2021-12-20 16:36:10.927root
11241100x8000000000000000857179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9a13411141706a02021-12-20 16:36:10.927root
11241100x8000000000000000857180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8818f10fb411dfd2021-12-20 16:36:10.927root
11241100x8000000000000000857181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5000217118e1120d2021-12-20 16:36:10.927root
11241100x8000000000000000857182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfa508a7c5098e5c2021-12-20 16:36:10.927root
11241100x8000000000000000857183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01ee394676ec7f9b2021-12-20 16:36:10.927root
11241100x8000000000000000857184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e86e8a6dea0a8e2021-12-20 16:36:10.927root
11241100x8000000000000000857185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.051d9801418cbe3d2021-12-20 16:36:10.928root
11241100x8000000000000000857186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88029a16ddb2b1012021-12-20 16:36:10.929root
11241100x8000000000000000857187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84c1cbd19fbad7642021-12-20 16:36:10.929root
11241100x8000000000000000857188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2fba543a11d77f72021-12-20 16:36:10.929root
11241100x8000000000000000857189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb2a945386a120202021-12-20 16:36:10.929root
11241100x8000000000000000857190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d8afe9f03d539622021-12-20 16:36:10.929root
11241100x8000000000000000857191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cfc05c9a6964eba2021-12-20 16:36:10.929root
11241100x8000000000000000857192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98826c3242129f1d2021-12-20 16:36:10.929root
11241100x8000000000000000857193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.930{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f141328890570f42021-12-20 16:36:10.930root
11241100x8000000000000000857194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:10.930{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d2cafb98cf8adae2021-12-20 16:36:10.930root
11241100x8000000000000000857195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3306b7889cd62672021-12-20 16:36:11.424root
11241100x8000000000000000857196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0574647d788797ee2021-12-20 16:36:11.424root
11241100x8000000000000000857197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6378eb1402ac4e2d2021-12-20 16:36:11.424root
11241100x8000000000000000857198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce30549999afa5e72021-12-20 16:36:11.424root
11241100x8000000000000000857199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2f9469b8b9113432021-12-20 16:36:11.425root
11241100x8000000000000000857200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b5622819c3612b22021-12-20 16:36:11.425root
11241100x8000000000000000857201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dddf1f732993591e2021-12-20 16:36:11.425root
11241100x8000000000000000857202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f984448bc9537e1c2021-12-20 16:36:11.425root
11241100x8000000000000000857203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6304df79a32ac6aa2021-12-20 16:36:11.425root
11241100x8000000000000000857204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d2003a8e180fb3e2021-12-20 16:36:11.425root
11241100x8000000000000000857205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1959aab71285a0c92021-12-20 16:36:11.425root
11241100x8000000000000000857206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2eb977f7a11e8ce82021-12-20 16:36:11.425root
11241100x8000000000000000857207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e070537495d040f2021-12-20 16:36:11.425root
11241100x8000000000000000857208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16f71510747b479f2021-12-20 16:36:11.426root
11241100x8000000000000000857209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc6397ad400b6ea72021-12-20 16:36:11.426root
11241100x8000000000000000857210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd78e36001d5bf982021-12-20 16:36:11.426root
11241100x8000000000000000857211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff710ff11f188ca42021-12-20 16:36:11.426root
11241100x8000000000000000857212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4fef994073e5a552021-12-20 16:36:11.426root
11241100x8000000000000000857213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3104f8063d6541972021-12-20 16:36:11.426root
11241100x8000000000000000857214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b59fe76cfeffff82021-12-20 16:36:11.426root
11241100x8000000000000000857215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60464f21f8b9127a2021-12-20 16:36:11.427root
11241100x8000000000000000857216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3e0f259176efa462021-12-20 16:36:11.427root
11241100x8000000000000000857217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2abca94fd06390e32021-12-20 16:36:11.427root
11241100x8000000000000000857218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92c410b5d13fb55f2021-12-20 16:36:11.427root
11241100x8000000000000000857219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21e30f5866b7157f2021-12-20 16:36:11.427root
11241100x8000000000000000857220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb37ceed802f83f22021-12-20 16:36:11.428root
11241100x8000000000000000857221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ae506a4d7f8170f2021-12-20 16:36:11.428root
11241100x8000000000000000857222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1b6edba438704832021-12-20 16:36:11.428root
11241100x8000000000000000857223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43424bee49a3c3bb2021-12-20 16:36:11.428root
11241100x8000000000000000857224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d8f18978f7533402021-12-20 16:36:11.924root
11241100x8000000000000000857225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64a4974cf430b2122021-12-20 16:36:11.924root
11241100x8000000000000000857226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b47dc53d2f1a2ad2021-12-20 16:36:11.925root
11241100x8000000000000000857227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb181981dca2fa132021-12-20 16:36:11.925root
11241100x8000000000000000857228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7513102efa8b657c2021-12-20 16:36:11.925root
11241100x8000000000000000857229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ecd8cca6ed4d4052021-12-20 16:36:11.925root
11241100x8000000000000000857230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e5f52df8233e7692021-12-20 16:36:11.925root
11241100x8000000000000000857231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7891e9d5db61fe5e2021-12-20 16:36:11.925root
11241100x8000000000000000857232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.640fddaf556fcee52021-12-20 16:36:11.925root
11241100x8000000000000000857233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e2e67bfa42cc7f52021-12-20 16:36:11.926root
11241100x8000000000000000857234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b357f3135e9b22022021-12-20 16:36:11.926root
11241100x8000000000000000857235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bebf7cc1053aafa92021-12-20 16:36:11.926root
11241100x8000000000000000857236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2419826375ec6ac32021-12-20 16:36:11.926root
11241100x8000000000000000857237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.244c2add6f168bd42021-12-20 16:36:11.926root
11241100x8000000000000000857238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45c8f747cdf30fcf2021-12-20 16:36:11.926root
11241100x8000000000000000857239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b746bccba28fac532021-12-20 16:36:11.926root
11241100x8000000000000000857240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b03e6add11f67972021-12-20 16:36:11.926root
11241100x8000000000000000857241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e27c03b68e750a672021-12-20 16:36:11.927root
11241100x8000000000000000857242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c8aa62700d65a8e2021-12-20 16:36:11.927root
11241100x8000000000000000857243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b08a87e7ee975152021-12-20 16:36:11.927root
11241100x8000000000000000857244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15be73506ea4d3362021-12-20 16:36:11.927root
11241100x8000000000000000857245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca8ccf888821d0e72021-12-20 16:36:11.927root
11241100x8000000000000000857246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d9ca4da6194e6992021-12-20 16:36:11.927root
11241100x8000000000000000857247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f804e7f355bd2b722021-12-20 16:36:11.927root
11241100x8000000000000000857248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d42cef29af735b892021-12-20 16:36:11.927root
11241100x8000000000000000857249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.171cc63524c1fca72021-12-20 16:36:11.928root
11241100x8000000000000000857250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c24888717fdd9df72021-12-20 16:36:11.928root
11241100x8000000000000000857251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc75a9499d0578de2021-12-20 16:36:11.928root
11241100x8000000000000000857252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ce93373c15920642021-12-20 16:36:11.928root
11241100x8000000000000000857253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36334b5a226120ec2021-12-20 16:36:11.928root
11241100x8000000000000000857254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:11.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.350ff4f08a3ffd152021-12-20 16:36:11.928root
11241100x8000000000000000857255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33afe3ade08b5fee2021-12-20 16:36:12.424root
11241100x8000000000000000857256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d12c798f60d03e02021-12-20 16:36:12.424root
11241100x8000000000000000857257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe42e55af2f4c19e2021-12-20 16:36:12.424root
11241100x8000000000000000857258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbec7904a519f0ba2021-12-20 16:36:12.424root
11241100x8000000000000000857259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b7eb31ec17d2bd32021-12-20 16:36:12.425root
11241100x8000000000000000857260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21127688272dffcc2021-12-20 16:36:12.425root
11241100x8000000000000000857261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4042acd91be34dc82021-12-20 16:36:12.425root
11241100x8000000000000000857262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.711413ffe511b1f02021-12-20 16:36:12.425root
11241100x8000000000000000857263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f81c0a30fa60d9c2021-12-20 16:36:12.425root
11241100x8000000000000000857264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8bd22f46c3d35182021-12-20 16:36:12.425root
11241100x8000000000000000857265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf756d16806a4ab12021-12-20 16:36:12.425root
11241100x8000000000000000857266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdbe26e3d5e11ba52021-12-20 16:36:12.425root
11241100x8000000000000000857267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caf8f8087fb3c26e2021-12-20 16:36:12.425root
11241100x8000000000000000857268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.375cf52f62ccdd002021-12-20 16:36:12.426root
11241100x8000000000000000857269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.648a02a93afdcfd72021-12-20 16:36:12.426root
11241100x8000000000000000857270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3bf7865673ac2522021-12-20 16:36:12.426root
11241100x8000000000000000857271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.130ec715a17a5ff72021-12-20 16:36:12.426root
11241100x8000000000000000857272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8523957b171bfc5f2021-12-20 16:36:12.426root
11241100x8000000000000000857273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8232fba1600680102021-12-20 16:36:12.426root
11241100x8000000000000000857274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24e0a8610819f6b92021-12-20 16:36:12.426root
11241100x8000000000000000857275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e118781b72f85ab82021-12-20 16:36:12.426root
11241100x8000000000000000857276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c3255cf24d9e052021-12-20 16:36:12.426root
11241100x8000000000000000857277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4f4415af7301e132021-12-20 16:36:12.427root
11241100x8000000000000000857278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa128f7be8f741292021-12-20 16:36:12.427root
11241100x8000000000000000857279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b93d6b803bcefbe62021-12-20 16:36:12.427root
11241100x8000000000000000857280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.655c37e74f2ea1162021-12-20 16:36:12.428root
11241100x8000000000000000857281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d133dd1a82ba76622021-12-20 16:36:12.428root
11241100x8000000000000000857282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6263a9c87c9c84d42021-12-20 16:36:12.428root
11241100x8000000000000000857283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4796fc64335861592021-12-20 16:36:12.428root
11241100x8000000000000000857284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d10808205002cb682021-12-20 16:36:12.428root
11241100x8000000000000000857285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a875afe04b9a05c62021-12-20 16:36:12.924root
11241100x8000000000000000857286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.048ccd8e47e510092021-12-20 16:36:12.925root
11241100x8000000000000000857287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2bcf90ed8cea1922021-12-20 16:36:12.925root
11241100x8000000000000000857288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b90c6d4b4e0bd282021-12-20 16:36:12.925root
11241100x8000000000000000857289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15a5d836d887c44e2021-12-20 16:36:12.925root
11241100x8000000000000000857290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28deb957da4f0b332021-12-20 16:36:12.925root
11241100x8000000000000000857291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c8ebe76d640d8452021-12-20 16:36:12.925root
11241100x8000000000000000857292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.691b658d5b74bba72021-12-20 16:36:12.925root
11241100x8000000000000000857293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6d05b632d8b8a2b2021-12-20 16:36:12.926root
11241100x8000000000000000857294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce74de7fbb549b812021-12-20 16:36:12.926root
11241100x8000000000000000857295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac97ff8f24ea011a2021-12-20 16:36:12.926root
11241100x8000000000000000857296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e66053d0cce899c2021-12-20 16:36:12.926root
11241100x8000000000000000857297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16eb72959dadf91f2021-12-20 16:36:12.926root
11241100x8000000000000000857298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8eb002b52d42f502021-12-20 16:36:12.926root
11241100x8000000000000000857299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2675befc97ef79972021-12-20 16:36:12.927root
11241100x8000000000000000857300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98a23cc1bd5574f42021-12-20 16:36:12.927root
11241100x8000000000000000857301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d34164d2dd0c5a8b2021-12-20 16:36:12.927root
11241100x8000000000000000857302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b59518a51e7655f2021-12-20 16:36:12.927root
11241100x8000000000000000857303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb3ae1b2df9398422021-12-20 16:36:12.927root
11241100x8000000000000000857304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad2b28715e4087522021-12-20 16:36:12.927root
11241100x8000000000000000857305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c34a7e57af1449412021-12-20 16:36:12.928root
11241100x8000000000000000857306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.664846ce1a8c522d2021-12-20 16:36:12.928root
11241100x8000000000000000857307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e74c781df3b8ffd2021-12-20 16:36:12.928root
11241100x8000000000000000857308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.747f3542c8d505f72021-12-20 16:36:12.928root
11241100x8000000000000000857309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a729c8fecc528e7e2021-12-20 16:36:12.928root
11241100x8000000000000000857310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8023ae912e31145c2021-12-20 16:36:12.928root
11241100x8000000000000000857311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.633c2a24c7a9000a2021-12-20 16:36:12.928root
11241100x8000000000000000857312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06466d1abd198a722021-12-20 16:36:12.929root
11241100x8000000000000000857313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9d831abb3e9f6d32021-12-20 16:36:12.929root
11241100x8000000000000000857314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a60c9100f2b5c622021-12-20 16:36:12.929root
11241100x8000000000000000857315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc524916a5b47e472021-12-20 16:36:12.929root
11241100x8000000000000000857316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfb6f0311e3fc9212021-12-20 16:36:12.929root
11241100x8000000000000000857317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.772ed98ad39d32a62021-12-20 16:36:12.929root
11241100x8000000000000000857318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae786c1682cfba522021-12-20 16:36:12.929root
11241100x8000000000000000857319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8131a31d097a5ac2021-12-20 16:36:12.929root
11241100x8000000000000000857320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:12.930{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e2fe80f4d2aa80e2021-12-20 16:36:12.930root
11241100x8000000000000000857321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a6295cb1eb2ac552021-12-20 16:36:13.424root
11241100x8000000000000000857322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.822602d2d5bb24032021-12-20 16:36:13.424root
11241100x8000000000000000857323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.900d7497d1442d702021-12-20 16:36:13.425root
11241100x8000000000000000857324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47aa9f7cd5256def2021-12-20 16:36:13.425root
11241100x8000000000000000857325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1793b12ee7a8dfc02021-12-20 16:36:13.425root
11241100x8000000000000000857326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83c17ebfdca276372021-12-20 16:36:13.425root
11241100x8000000000000000857327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1286186769c9dfd2021-12-20 16:36:13.425root
11241100x8000000000000000857328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.079bcbbf13dc64852021-12-20 16:36:13.425root
11241100x8000000000000000857329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.249f9009e463d6812021-12-20 16:36:13.425root
11241100x8000000000000000857330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8da5e5fe34873bef2021-12-20 16:36:13.425root
11241100x8000000000000000857331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3549c3fb033fdb52021-12-20 16:36:13.425root
11241100x8000000000000000857332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bf0fe31f6ca27582021-12-20 16:36:13.426root
11241100x8000000000000000857333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.741e9d1a2cbb93a72021-12-20 16:36:13.426root
11241100x8000000000000000857334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f553b5c3abb2f90f2021-12-20 16:36:13.426root
11241100x8000000000000000857335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abd931a668a5e5622021-12-20 16:36:13.426root
11241100x8000000000000000857336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1d0bb825519b0a12021-12-20 16:36:13.426root
11241100x8000000000000000857337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a4efac32958bfc02021-12-20 16:36:13.426root
11241100x8000000000000000857338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bfe399bc570bdf02021-12-20 16:36:13.426root
11241100x8000000000000000857339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01220a73367bb9612021-12-20 16:36:13.426root
11241100x8000000000000000857340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ec5d48ca39520d72021-12-20 16:36:13.427root
11241100x8000000000000000857341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e9beb5e3ca07fc42021-12-20 16:36:13.427root
11241100x8000000000000000857342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.596c1ff43cbc90142021-12-20 16:36:13.427root
11241100x8000000000000000857343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07cbb536e3aeb6dd2021-12-20 16:36:13.427root
11241100x8000000000000000857344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.026b1ac71b38d1902021-12-20 16:36:13.429root
11241100x8000000000000000857345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3f82e719794eab12021-12-20 16:36:13.429root
11241100x8000000000000000857346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c199a6e599eec0482021-12-20 16:36:13.429root
11241100x8000000000000000857347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae75101c70a0d7892021-12-20 16:36:13.429root
11241100x8000000000000000857348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47eaf15af24b26ab2021-12-20 16:36:13.430root
11241100x8000000000000000857349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4934adbcce537192021-12-20 16:36:13.430root
11241100x8000000000000000857350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3daac92021ca1b52021-12-20 16:36:13.924root
11241100x8000000000000000857351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b9738d7258929e52021-12-20 16:36:13.924root
11241100x8000000000000000857352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be445adbe3efb4b32021-12-20 16:36:13.924root
11241100x8000000000000000857353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5ab03ade40114262021-12-20 16:36:13.924root
11241100x8000000000000000857354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b889f36e11dba88e2021-12-20 16:36:13.924root
11241100x8000000000000000857355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.345ecbbe65b4a56a2021-12-20 16:36:13.925root
11241100x8000000000000000857356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d838e62ea3b97202021-12-20 16:36:13.925root
11241100x8000000000000000857357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b2b1cc06c4ff1e52021-12-20 16:36:13.925root
11241100x8000000000000000857358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b5298433c2f61162021-12-20 16:36:13.925root
11241100x8000000000000000857359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a68fca302649c322021-12-20 16:36:13.925root
11241100x8000000000000000857360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec210ced03f194f62021-12-20 16:36:13.925root
11241100x8000000000000000857361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.816824d19133a3c32021-12-20 16:36:13.925root
11241100x8000000000000000857362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f2120d3177fe7032021-12-20 16:36:13.925root
11241100x8000000000000000857363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c70baf7ec3353bc2021-12-20 16:36:13.925root
11241100x8000000000000000857364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd9ba61630f4dc092021-12-20 16:36:13.925root
11241100x8000000000000000857365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86a3f756fed523092021-12-20 16:36:13.925root
11241100x8000000000000000857366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a1e61674301d60c2021-12-20 16:36:13.925root
11241100x8000000000000000857367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bf0992fff3e8eac2021-12-20 16:36:13.925root
11241100x8000000000000000857368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b356a5000b33bcf62021-12-20 16:36:13.926root
11241100x8000000000000000857369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77e2aecadf539d992021-12-20 16:36:13.926root
11241100x8000000000000000857370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9731912670ecf642021-12-20 16:36:13.926root
11241100x8000000000000000857371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6250f504b0d48a52021-12-20 16:36:13.926root
11241100x8000000000000000857372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.738d31eb22fdc6832021-12-20 16:36:13.926root
11241100x8000000000000000857373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ada77524f51979a62021-12-20 16:36:13.926root
11241100x8000000000000000857374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31933441fadaf8652021-12-20 16:36:13.926root
11241100x8000000000000000857375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78321052fdbd83712021-12-20 16:36:13.926root
11241100x8000000000000000857376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cf6659b2b9147092021-12-20 16:36:13.926root
11241100x8000000000000000857377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9ae983f40703e192021-12-20 16:36:13.926root
11241100x8000000000000000857378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51436f888f7696fc2021-12-20 16:36:13.926root
11241100x8000000000000000857379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc6a6e236d0fc0bd2021-12-20 16:36:13.927root
11241100x8000000000000000857380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2de42206d4c79482021-12-20 16:36:13.927root
11241100x8000000000000000857381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a933eced58076292021-12-20 16:36:13.927root
11241100x8000000000000000857382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:13.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d267dcba6fedb64a2021-12-20 16:36:13.927root
11241100x8000000000000000857383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c1c5acd73ba97212021-12-20 16:36:14.424root
11241100x8000000000000000857384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.424{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1ab589eef0132d82021-12-20 16:36:14.424root
11241100x8000000000000000857385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.becae2f0d225774c2021-12-20 16:36:14.425root
11241100x8000000000000000857386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2b02a2609a243412021-12-20 16:36:14.425root
11241100x8000000000000000857387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd752d474d9d80e42021-12-20 16:36:14.425root
11241100x8000000000000000857388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.425{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83eb0eefef5d39ad2021-12-20 16:36:14.425root
11241100x8000000000000000857389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0e42337f0ebe98a2021-12-20 16:36:14.426root
11241100x8000000000000000857390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6fddaca359df90b2021-12-20 16:36:14.426root
11241100x8000000000000000857391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.848a448d063f2cba2021-12-20 16:36:14.426root
11241100x8000000000000000857392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66dff3c463c798182021-12-20 16:36:14.426root
11241100x8000000000000000857393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1f9feae86a5527a2021-12-20 16:36:14.426root
11241100x8000000000000000857394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63cede225c8a964e2021-12-20 16:36:14.426root
11241100x8000000000000000857395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.426{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56178c493cc845402021-12-20 16:36:14.426root
11241100x8000000000000000857396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44cd086289465b672021-12-20 16:36:14.427root
11241100x8000000000000000857397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.026848a06f7afc482021-12-20 16:36:14.427root
11241100x8000000000000000857398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe032885c41ed45d2021-12-20 16:36:14.427root
11241100x8000000000000000857399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.427{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e87fc5397d1359e62021-12-20 16:36:14.427root
11241100x8000000000000000857400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f63311b43e7fcbd32021-12-20 16:36:14.428root
11241100x8000000000000000857401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.428{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4abb9cbfeafcf172021-12-20 16:36:14.428root
11241100x8000000000000000857402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a1c0f6ea03d0db12021-12-20 16:36:14.429root
11241100x8000000000000000857403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85719747ab4ae5d92021-12-20 16:36:14.429root
11241100x8000000000000000857404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb8fa74869a5dc6d2021-12-20 16:36:14.429root
11241100x8000000000000000857405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d28326b9b815a2e2021-12-20 16:36:14.429root
11241100x8000000000000000857406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.429{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d013021c0f4f20f2021-12-20 16:36:14.429root
11241100x8000000000000000857407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3042650e99819d8b2021-12-20 16:36:14.430root
11241100x8000000000000000857408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73c5f3b709ef04df2021-12-20 16:36:14.430root
11241100x8000000000000000857409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77352ef9e8c5a0612021-12-20 16:36:14.430root
11241100x8000000000000000857410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.baaa325296eaab7d2021-12-20 16:36:14.430root
11241100x8000000000000000857411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.430{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d58ea0eba0c7ff62021-12-20 16:36:14.430root
11241100x8000000000000000857412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.431{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbf7a08a87e48a9c2021-12-20 16:36:14.431root
11241100x8000000000000000857413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.431{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfaf98fc37fbfacf2021-12-20 16:36:14.431root
11241100x8000000000000000857414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afeb12cd1cdd94ba2021-12-20 16:36:14.924root
11241100x8000000000000000857415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89c99b22ab697dd52021-12-20 16:36:14.924root
11241100x8000000000000000857416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.924{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9262dfa15270464a2021-12-20 16:36:14.924root
11241100x8000000000000000857417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83cfa0294bed7d522021-12-20 16:36:14.925root
11241100x8000000000000000857418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a98337564342efe2021-12-20 16:36:14.925root
11241100x8000000000000000857419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29c3f6583098abc22021-12-20 16:36:14.925root
11241100x8000000000000000857420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4c85f4bcda2b44f2021-12-20 16:36:14.925root
11241100x8000000000000000857421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5031dc83df82ad4f2021-12-20 16:36:14.925root
11241100x8000000000000000857422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.925{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7f174d8ca83bbee2021-12-20 16:36:14.925root
11241100x8000000000000000857423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24043ffa17a45d482021-12-20 16:36:14.926root
11241100x8000000000000000857424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb433d983872d4c92021-12-20 16:36:14.926root
11241100x8000000000000000857425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9293234af3e0b3d22021-12-20 16:36:14.926root
11241100x8000000000000000857426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.286c247c89496c322021-12-20 16:36:14.926root
11241100x8000000000000000857427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53fff5b04ebdbc282021-12-20 16:36:14.926root
11241100x8000000000000000857428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.926{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e4169e8c9b243892021-12-20 16:36:14.926root
11241100x8000000000000000857429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e67c944a9b50bead2021-12-20 16:36:14.927root
11241100x8000000000000000857430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e31a551102cd6442021-12-20 16:36:14.927root
11241100x8000000000000000857431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d6676c2fa57f8272021-12-20 16:36:14.927root
11241100x8000000000000000857432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c3a9d6ef9d8ab442021-12-20 16:36:14.927root
11241100x8000000000000000857433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.927{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.448065ef057cb3952021-12-20 16:36:14.927root
11241100x8000000000000000857434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b77fa033bdef8a842021-12-20 16:36:14.928root
11241100x8000000000000000857435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09819e80893ff5802021-12-20 16:36:14.928root
11241100x8000000000000000857436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2e8f2700575d9c92021-12-20 16:36:14.928root
11241100x8000000000000000857437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.928{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51bab557e57ce1592021-12-20 16:36:14.928root
11241100x8000000000000000857438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.305d731690d661562021-12-20 16:36:14.929root
11241100x8000000000000000857439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0dc90b4e308f2182021-12-20 16:36:14.929root
11241100x8000000000000000857440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b22df1aa45ae6fdf2021-12-20 16:36:14.929root
11241100x8000000000000000857441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef0e332c79d55cde2021-12-20 16:36:14.929root
11241100x8000000000000000857442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb8aa34e99b49dd42021-12-20 16:36:14.929root
11241100x8000000000000000857443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:14.929{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.748be8dfb42d37ff2021-12-20 16:36:14.929root
354300x8000000000000000857444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.184{ec2c97d1-6aab-61c0-5175-3a0400000000}5261/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-52350-false10.0.1.12-8000-
11241100x8000000000000000857445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.186{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f01cfd6cbb247aa52021-12-20 16:36:15.186root
11241100x8000000000000000857446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.186{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cebf9f3547a69df42021-12-20 16:36:15.186root
11241100x8000000000000000857447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.187{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b672bd90522d9532021-12-20 16:36:15.187root
11241100x8000000000000000857448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.187{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bcb231441a12fb72021-12-20 16:36:15.187root
11241100x8000000000000000857449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.187{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdb2d804c4c30bb42021-12-20 16:36:15.187root
11241100x8000000000000000857450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.187{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8da6ebe50254d1962021-12-20 16:36:15.187root
11241100x8000000000000000857451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.187{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec95c66ae5fb45682021-12-20 16:36:15.187root
11241100x8000000000000000857452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.187{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.190279cb0ee97b392021-12-20 16:36:15.187root
11241100x8000000000000000857453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.188{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82ed9deb548ac0442021-12-20 16:36:15.188root
11241100x8000000000000000857454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.188{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49649d5baea67b3b2021-12-20 16:36:15.188root
11241100x8000000000000000857455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.188{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adc9a01c757984992021-12-20 16:36:15.188root
11241100x8000000000000000857456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.188{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f45fadfd4a739cb72021-12-20 16:36:15.188root
11241100x8000000000000000857457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.189{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8a9df78d2d6b4932021-12-20 16:36:15.189root
11241100x8000000000000000857458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.189{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0415333356a5c5662021-12-20 16:36:15.189root
11241100x8000000000000000857459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.189{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74c4ecd66291d14f2021-12-20 16:36:15.189root
11241100x8000000000000000857460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.189{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f57d1ad4d80147d2021-12-20 16:36:15.189root
11241100x8000000000000000857461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.190{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a51e4aa2855bee1d2021-12-20 16:36:15.190root
11241100x8000000000000000857462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.190{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebabb21b3ba8a7132021-12-20 16:36:15.190root
11241100x8000000000000000857463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.190{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31d4e0dbff1b2f292021-12-20 16:36:15.190root
11241100x8000000000000000857464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.191{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbbf987a8239abdc2021-12-20 16:36:15.191root
11241100x8000000000000000857465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.191{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54182e4a82c8c6392021-12-20 16:36:15.191root
11241100x8000000000000000857466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.191{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aacf0933cd3ed8b12021-12-20 16:36:15.191root
11241100x8000000000000000857467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.191{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd70583a9d839b1c2021-12-20 16:36:15.191root
11241100x8000000000000000857468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.191{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.541718a53e979fb12021-12-20 16:36:15.191root
11241100x8000000000000000857469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.191{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44720d809989ee772021-12-20 16:36:15.191root
11241100x8000000000000000857470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.192{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.864fda44ba6154812021-12-20 16:36:15.192root
11241100x8000000000000000857471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.192{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b834e42a4e969752021-12-20 16:36:15.192root
11241100x8000000000000000857472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.192{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fce757d5265757b2021-12-20 16:36:15.192root
11241100x8000000000000000857473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.192{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3a49b06342cb8be2021-12-20 16:36:15.192root
11241100x8000000000000000857474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.192{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90d4258c6c2a6eb12021-12-20 16:36:15.192root
11241100x8000000000000000857475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.192{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e069f51f6cce72d2021-12-20 16:36:15.192root
11241100x8000000000000000857476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.192{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7910d8ef07b26272021-12-20 16:36:15.192root
11241100x8000000000000000857477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.193{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9df2cea938fa88a32021-12-20 16:36:15.193root
11241100x8000000000000000857478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.193{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc63831dfb393e2a2021-12-20 16:36:15.193root
11241100x8000000000000000857479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.193{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c031990935f018012021-12-20 16:36:15.193root
11241100x8000000000000000857480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.193{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddd354d854256b232021-12-20 16:36:15.193root
11241100x8000000000000000857481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.194{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c5628bd427e37662021-12-20 16:36:15.194root
11241100x8000000000000000857482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.194{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c1ca0f075c55d952021-12-20 16:36:15.194root
11241100x8000000000000000857483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.194{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.431fbfb5763e37522021-12-20 16:36:15.194root
11241100x8000000000000000857484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.194{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05a9cdfad8b103b62021-12-20 16:36:15.194root
11241100x8000000000000000857485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.195{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.825803d40c327dbf2021-12-20 16:36:15.195root
11241100x8000000000000000857486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.674{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1b284224bdb81542021-12-20 16:36:15.674root
11241100x8000000000000000857487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21a4ee4b1dd13e992021-12-20 16:36:15.675root
11241100x8000000000000000857488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e99b910724b38cd2021-12-20 16:36:15.675root
11241100x8000000000000000857489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb98f9fb8c3da40d2021-12-20 16:36:15.675root
11241100x8000000000000000857490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.675{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.086cf5a5329e6fe02021-12-20 16:36:15.675root
11241100x8000000000000000857491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.115560f42abb08222021-12-20 16:36:15.676root
11241100x8000000000000000857492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cf8ea3972f7cf7a2021-12-20 16:36:15.676root
11241100x8000000000000000857493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0750c4f6e5a22b312021-12-20 16:36:15.676root
11241100x8000000000000000857494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.676{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d73cd1dbb5faafa82021-12-20 16:36:15.676root
11241100x8000000000000000857495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd415b52bf6c04882021-12-20 16:36:15.677root
11241100x8000000000000000857496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.281c11239a4011432021-12-20 16:36:15.677root
11241100x8000000000000000857497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a6b40235f4fdf7c2021-12-20 16:36:15.677root
11241100x8000000000000000857498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.677{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cee2dcafd79664a2021-12-20 16:36:15.677root
11241100x8000000000000000857499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66333f834c0ea4662021-12-20 16:36:15.678root
11241100x8000000000000000857500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.248ea30990aca6982021-12-20 16:36:15.678root
11241100x8000000000000000857501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a285a6a2bf75cc42021-12-20 16:36:15.678root
11241100x8000000000000000857502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c454c3c89c8307172021-12-20 16:36:15.678root
11241100x8000000000000000857503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88b6fde19b7100b32021-12-20 16:36:15.678root
11241100x8000000000000000857504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09d0b020d2f8c6ab2021-12-20 16:36:15.678root
11241100x8000000000000000857505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.360bdc42d5fe17642021-12-20 16:36:15.678root
11241100x8000000000000000857506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.678{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c408fc811089bd6e2021-12-20 16:36:15.678root
11241100x8000000000000000857507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4da23d0808e653fc2021-12-20 16:36:15.679root
11241100x8000000000000000857508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a597c146e220b37c2021-12-20 16:36:15.679root
11241100x8000000000000000857509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1040d607c0bb1c72021-12-20 16:36:15.679root
11241100x8000000000000000857510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2c53876c4bc5e852021-12-20 16:36:15.679root
11241100x8000000000000000857511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.201b97f0ccbe8e152021-12-20 16:36:15.679root
11241100x8000000000000000857512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce1e1485662c4ab12021-12-20 16:36:15.679root
11241100x8000000000000000857513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a2ea14b662d59702021-12-20 16:36:15.679root
11241100x8000000000000000857514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1f8ceb903f0086e2021-12-20 16:36:15.679root
11241100x8000000000000000857515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:15.679{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.054c4508b3bb77062021-12-20 16:36:15.679root
11241100x8000000000000000857516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c88732f69717c34a2021-12-20 16:36:16.174root
11241100x8000000000000000857517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c07bf5079e4232352021-12-20 16:36:16.174root
11241100x8000000000000000857518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.174{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09a4881c7ddf93f52021-12-20 16:36:16.174root
11241100x8000000000000000857519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6ade4af0290fa9a2021-12-20 16:36:16.175root
11241100x8000000000000000857520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.175{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cc07ba7aca9f1ff2021-12-20 16:36:16.175root
11241100x8000000000000000857521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.033c1b163adca5a62021-12-20 16:36:16.176root
11241100x8000000000000000857522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9b3981ff6ce62442021-12-20 16:36:16.176root
11241100x8000000000000000857523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7521402ae0c54802021-12-20 16:36:16.176root
11241100x8000000000000000857524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.176{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1576de205d5243212021-12-20 16:36:16.176root
11241100x8000000000000000857525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d22240e7c33a6c72021-12-20 16:36:16.177root
11241100x8000000000000000857526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74d4efe4f7c992252021-12-20 16:36:16.177root
11241100x8000000000000000857527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b5fd0eae7b1f1992021-12-20 16:36:16.177root
11241100x8000000000000000857528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b0dd78f2a677cb62021-12-20 16:36:16.177root
11241100x8000000000000000857529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.177{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c6676b8920d74552021-12-20 16:36:16.177root
11241100x8000000000000000857530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.178{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97c63b3bf9a04bc02021-12-20 16:36:16.178root
11241100x8000000000000000857531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6966a0fe0a261f432021-12-20 16:36:16.179root
11241100x8000000000000000857532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.179{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b30e46ed33a5db2f2021-12-20 16:36:16.179root
11241100x8000000000000000857533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.180{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f37452c989407792021-12-20 16:36:16.180root
11241100x8000000000000000857534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.180{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d775bdbe627bbf02021-12-20 16:36:16.180root
11241100x8000000000000000857535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.180{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f067ad83f7f5a562021-12-20 16:36:16.180root
11241100x8000000000000000857536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.180{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88b1799b3d65e5ed2021-12-20 16:36:16.180root
11241100x8000000000000000857537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.181{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d0d81ab8d30587f2021-12-20 16:36:16.181root
11241100x8000000000000000857538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.181{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76df0181f74b2e5b2021-12-20 16:36:16.181root
11241100x8000000000000000857539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.181{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.929e443f9b89300e2021-12-20 16:36:16.181root
11241100x8000000000000000857540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.181{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b346414119c2de6e2021-12-20 16:36:16.181root
11241100x8000000000000000857541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.181{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca72be175032c2bf2021-12-20 16:36:16.181root
11241100x8000000000000000857542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.182{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f0496f246a0c5352021-12-20 16:36:16.182root
11241100x8000000000000000857543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.182{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.172efeade25c8cfa2021-12-20 16:36:16.182root
11241100x8000000000000000857544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.182{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a79951e22c8ba4612021-12-20 16:36:16.182root
11241100x8000000000000000857545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.182{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce1c7a10a7e341742021-12-20 16:36:16.182root
11241100x8000000000000000857546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.183{ec2c97d1-6aa9-61c0-3038-618238560000}5256/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13e401ab146ccdf82021-12-20 16:36:16.183root
11241100x8000000000000000857547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-4134-2021-12-20 16:36:16.183{ec2c97d1-6aa9-61c0-3038-618