354300x80000000000000003904893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.176{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56238-false10.0.1.12-8000- 11241100x80000000000000003904894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.176{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc11ad7540d7f4372022-01-11 12:18:08.176root 11241100x80000000000000003904895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.176{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96bf085f449daba42022-01-11 12:18:08.176root 11241100x80000000000000003904896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db32b0c0ba30a47f2022-01-11 12:18:08.177root 11241100x80000000000000003904897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b1b57b11f35958d2022-01-11 12:18:08.177root 11241100x80000000000000003904898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0758e9354852a882022-01-11 12:18:08.177root 11241100x80000000000000003904899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.324b66ef3fbe410a2022-01-11 12:18:08.177root 11241100x80000000000000003904900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae2464790da4c9602022-01-11 12:18:08.177root 11241100x80000000000000003904901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ad1529a19a77f012022-01-11 12:18:08.177root 11241100x80000000000000003904902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6333089d0dda49e42022-01-11 12:18:08.177root 11241100x80000000000000003904903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ad52a79da4716de2022-01-11 12:18:08.177root 11241100x80000000000000003904904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dda1a4e4794d9a62022-01-11 12:18:08.177root 11241100x80000000000000003904905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e4a1096feb263e82022-01-11 12:18:08.177root 11241100x80000000000000003904906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1e2f4c1fd4c9c232022-01-11 12:18:08.177root 11241100x80000000000000003904907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dad3f56d9030a5422022-01-11 12:18:08.177root 11241100x80000000000000003904908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ae7b347ab6e70ad2022-01-11 12:18:08.177root 11241100x80000000000000003904909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05834bb164eb92652022-01-11 12:18:08.178root 11241100x80000000000000003904910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b55d014ca38aed32022-01-11 12:18:08.178root 11241100x80000000000000003904911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a97656b8e05ee45c2022-01-11 12:18:08.178root 11241100x80000000000000003904912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f00d005787abee942022-01-11 12:18:08.178root 11241100x80000000000000003904913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00a5c6454bea26382022-01-11 12:18:08.178root 11241100x80000000000000003904914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a0ada31372131822022-01-11 12:18:08.583root 11241100x80000000000000003904915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9032f05d73871d72022-01-11 12:18:08.583root 11241100x80000000000000003904916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d66181c2f187fea42022-01-11 12:18:08.583root 11241100x80000000000000003904917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.853e5317e95fd8322022-01-11 12:18:08.583root 11241100x80000000000000003904918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd7490125c2f6ac22022-01-11 12:18:08.584root 11241100x80000000000000003904919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a43d79f38daabf8a2022-01-11 12:18:08.584root 11241100x80000000000000003904920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b7612e9a92f12e32022-01-11 12:18:08.584root 11241100x80000000000000003904921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5393482ce353ef792022-01-11 12:18:08.584root 11241100x80000000000000003904922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e2dc115869d1a6a2022-01-11 12:18:08.584root 11241100x80000000000000003904923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2ab3bcde701ff1f2022-01-11 12:18:08.584root 11241100x80000000000000003904924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e053baf03275e5b52022-01-11 12:18:08.585root 11241100x80000000000000003904925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43df7c4362f05e1c2022-01-11 12:18:08.585root 11241100x80000000000000003904926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.257d981c91dbaf332022-01-11 12:18:08.585root 11241100x80000000000000003904927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f58beafb5e6175402022-01-11 12:18:08.585root 11241100x80000000000000003904928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d91eb7c31630ddea2022-01-11 12:18:08.586root 11241100x80000000000000003904929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49b345ea9e0273dd2022-01-11 12:18:08.586root 11241100x80000000000000003904930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ec17d28803b6c202022-01-11 12:18:08.587root 11241100x80000000000000003904931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d9580dbf628fbf12022-01-11 12:18:08.588root 11241100x80000000000000003904932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c468c475d0dd7972022-01-11 12:18:08.588root 11241100x80000000000000003904933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1505af7d8054358d2022-01-11 12:18:08.589root 11241100x80000000000000003904934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c41bfd4e8e1fc84c2022-01-11 12:18:09.083root 11241100x80000000000000003904935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d12f9f4db18431f22022-01-11 12:18:09.083root 11241100x80000000000000003904936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.499bf8bf6c21f4f62022-01-11 12:18:09.084root 11241100x80000000000000003904937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27bc3c07751c80b12022-01-11 12:18:09.084root 11241100x80000000000000003904938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.837991c13a67ade72022-01-11 12:18:09.084root 11241100x80000000000000003904939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9b856782b0e05fa2022-01-11 12:18:09.084root 11241100x80000000000000003904940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8ff63bb345095a72022-01-11 12:18:09.084root 11241100x80000000000000003904941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ac5505fb93bcad12022-01-11 12:18:09.084root 11241100x80000000000000003904942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd7a27d6757a08f42022-01-11 12:18:09.084root 11241100x80000000000000003904943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edfd55d9d8f8e8732022-01-11 12:18:09.084root 11241100x80000000000000003904944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9038b29d35d7dcf12022-01-11 12:18:09.085root 11241100x80000000000000003904945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cf6019679d5962c2022-01-11 12:18:09.085root 11241100x80000000000000003904946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1661a270265c9fe82022-01-11 12:18:09.085root 11241100x80000000000000003904947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54aa0b48812ccad62022-01-11 12:18:09.085root 11241100x80000000000000003904948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6d6a05c01c1672d2022-01-11 12:18:09.085root 11241100x80000000000000003904949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9ff62a62811c8072022-01-11 12:18:09.085root 11241100x80000000000000003904950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02ff47740451bed42022-01-11 12:18:09.085root 11241100x80000000000000003904951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e62ccb7a91ef4b332022-01-11 12:18:09.085root 11241100x80000000000000003904952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25356d30c9424c472022-01-11 12:18:09.085root 11241100x80000000000000003904953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3221c41fe327739f2022-01-11 12:18:09.086root 11241100x80000000000000003904954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f360bd4cb5822e792022-01-11 12:18:09.086root 11241100x80000000000000003904955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11497742b86355452022-01-11 12:18:09.086root 11241100x80000000000000003904956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2552c6395b4cfd862022-01-11 12:18:09.086root 11241100x80000000000000003904957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb2079dbded8ad832022-01-11 12:18:09.583root 11241100x80000000000000003904958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b905f7c17b279272022-01-11 12:18:09.583root 11241100x80000000000000003904959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a0975c02499b8012022-01-11 12:18:09.583root 11241100x80000000000000003904960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57b7e3d4a87cb08e2022-01-11 12:18:09.583root 11241100x80000000000000003904961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6556916314b4f0f2022-01-11 12:18:09.584root 11241100x80000000000000003904962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dbcc7b89fa6ebb22022-01-11 12:18:09.584root 11241100x80000000000000003904963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc67081a39fbf3e22022-01-11 12:18:09.584root 11241100x80000000000000003904964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71643eea6ddd285e2022-01-11 12:18:09.584root 11241100x80000000000000003904965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc7aa8e43274d01a2022-01-11 12:18:09.584root 11241100x80000000000000003904966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a01817c50ef16e562022-01-11 12:18:09.584root 11241100x80000000000000003904967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5943adfe7a8e3d2b2022-01-11 12:18:09.584root 11241100x80000000000000003904968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92a623fe97ca8d8a2022-01-11 12:18:09.584root 11241100x80000000000000003904969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcd280a7afd9362e2022-01-11 12:18:09.585root 11241100x80000000000000003904970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d27f9cbd3804932022-01-11 12:18:09.585root 11241100x80000000000000003904971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c1902c988504b4d2022-01-11 12:18:09.585root 11241100x80000000000000003904972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a95f1a07b1ccdc582022-01-11 12:18:09.585root 11241100x80000000000000003904973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442ff8aa591881ba2022-01-11 12:18:09.585root 11241100x80000000000000003904974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76c7c9f1a469714b2022-01-11 12:18:09.585root 11241100x80000000000000003904975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a34d4beb2747cd82022-01-11 12:18:09.586root 11241100x80000000000000003904976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a98b7cc2237e8772022-01-11 12:18:09.586root 11241100x80000000000000003904977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c932670a979343032022-01-11 12:18:10.084root 11241100x80000000000000003904978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4fc6f88a200a3932022-01-11 12:18:10.084root 11241100x80000000000000003904979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.704f703792c86a492022-01-11 12:18:10.084root 11241100x80000000000000003904980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd4d64ddfd850a592022-01-11 12:18:10.084root 11241100x80000000000000003904981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c30239a165e5acf62022-01-11 12:18:10.084root 11241100x80000000000000003904982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39053893f7e007aa2022-01-11 12:18:10.084root 11241100x80000000000000003904983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbf36d203eacc2142022-01-11 12:18:10.084root 11241100x80000000000000003904984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef5bde50b1b0d3b32022-01-11 12:18:10.084root 11241100x80000000000000003904985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.582c71449a28c4db2022-01-11 12:18:10.085root 11241100x80000000000000003904986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16c717630307de542022-01-11 12:18:10.085root 11241100x80000000000000003904987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efbb4a3ae414f4aa2022-01-11 12:18:10.085root 11241100x80000000000000003904988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8399e435c4346252022-01-11 12:18:10.085root 11241100x80000000000000003904989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7aa5e7d3fec7a8d72022-01-11 12:18:10.085root 11241100x80000000000000003904990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd525c982721ac0f2022-01-11 12:18:10.085root 11241100x80000000000000003904991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6daea813d570c712022-01-11 12:18:10.085root 11241100x80000000000000003904992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef74998fbf7bf0b22022-01-11 12:18:10.085root 11241100x80000000000000003904993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f38fbff72e742aea2022-01-11 12:18:10.086root 11241100x80000000000000003904994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4295afd3aed0c9b82022-01-11 12:18:10.086root 11241100x80000000000000003904995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f20123b8b6ed0ee2022-01-11 12:18:10.086root 11241100x80000000000000003904996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbabf3593bb6dbb42022-01-11 12:18:10.086root 11241100x80000000000000003904997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc4965adfd8a71922022-01-11 12:18:10.583root 11241100x80000000000000003904998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aad3c695b10f6d062022-01-11 12:18:10.583root 11241100x80000000000000003904999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa768fcd0745b1d42022-01-11 12:18:10.583root 11241100x80000000000000003905000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7c04f54ca81066b2022-01-11 12:18:10.583root 11241100x80000000000000003905001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4735e5b538b3d2ed2022-01-11 12:18:10.583root 11241100x80000000000000003905002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.308c8c71bb9b896d2022-01-11 12:18:10.583root 11241100x80000000000000003905003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47fc886f28bf287d2022-01-11 12:18:10.584root 11241100x80000000000000003905004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fdce5c0510aa0b72022-01-11 12:18:10.584root 11241100x80000000000000003905005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec5c8599475dcbe32022-01-11 12:18:10.584root 11241100x80000000000000003905006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b012c2754f1ab0352022-01-11 12:18:10.584root 11241100x80000000000000003905007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.057d4535967275d02022-01-11 12:18:10.584root 11241100x80000000000000003905008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3649062c41ead302022-01-11 12:18:10.584root 11241100x80000000000000003905009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.750f758dd33956f62022-01-11 12:18:10.584root 11241100x80000000000000003905010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6beb818a3ab1b5b22022-01-11 12:18:10.584root 11241100x80000000000000003905011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1639c0ad547b7452022-01-11 12:18:10.584root 11241100x80000000000000003905012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e18b42171ddb91bb2022-01-11 12:18:10.584root 11241100x80000000000000003905013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4213a5155fd10d972022-01-11 12:18:10.584root 11241100x80000000000000003905014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96010b1fad652c1b2022-01-11 12:18:10.584root 11241100x80000000000000003905015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.032f15cf05c38b802022-01-11 12:18:10.584root 11241100x80000000000000003905016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ef3ce6939004c0d2022-01-11 12:18:10.584root 11241100x80000000000000003905017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cd1e28c3b394b202022-01-11 12:18:11.083root 11241100x80000000000000003905018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dc8daa124dbd0662022-01-11 12:18:11.083root 11241100x80000000000000003905019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0d7228150c7fcef2022-01-11 12:18:11.083root 11241100x80000000000000003905020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe89cd55fa937f182022-01-11 12:18:11.083root 11241100x80000000000000003905021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc19df8fc7bb45bb2022-01-11 12:18:11.084root 11241100x80000000000000003905022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47b78a0de956aa562022-01-11 12:18:11.084root 11241100x80000000000000003905023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4d7d73646fa3d822022-01-11 12:18:11.084root 11241100x80000000000000003905024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e0facd8bd6498da2022-01-11 12:18:11.084root 11241100x80000000000000003905025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52c24d90adf07ac22022-01-11 12:18:11.084root 11241100x80000000000000003905026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f113dec12f9242972022-01-11 12:18:11.084root 11241100x80000000000000003905027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.667a2660442c5c422022-01-11 12:18:11.084root 11241100x80000000000000003905028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91fd04fed3a98ea02022-01-11 12:18:11.084root 11241100x80000000000000003905029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad03c2add84206e32022-01-11 12:18:11.084root 11241100x80000000000000003905030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62213d091cd60f932022-01-11 12:18:11.085root 11241100x80000000000000003905031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6be1e8639850823f2022-01-11 12:18:11.085root 11241100x80000000000000003905032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9661e9c1131a1ffe2022-01-11 12:18:11.085root 11241100x80000000000000003905033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.075b975c148415df2022-01-11 12:18:11.085root 11241100x80000000000000003905034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.629fc9ec212253bc2022-01-11 12:18:11.085root 11241100x80000000000000003905035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c200a02de459b6272022-01-11 12:18:11.085root 11241100x80000000000000003905036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b16f965d61315482022-01-11 12:18:11.085root 11241100x80000000000000003905037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0b1c80a8ff0f0f62022-01-11 12:18:11.583root 11241100x80000000000000003905038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b803fa9af8be44812022-01-11 12:18:11.583root 11241100x80000000000000003905039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.921aa21d79a957d62022-01-11 12:18:11.583root 11241100x80000000000000003905040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de25dcd0b6a050ab2022-01-11 12:18:11.584root 11241100x80000000000000003905041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebcbed4631833add2022-01-11 12:18:11.584root 11241100x80000000000000003905042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b12f854f935fcec2022-01-11 12:18:11.584root 11241100x80000000000000003905043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dcd20c6c2b174402022-01-11 12:18:11.584root 11241100x80000000000000003905044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e4d794739e5d8792022-01-11 12:18:11.584root 11241100x80000000000000003905045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.380a61afa4ab05b32022-01-11 12:18:11.584root 11241100x80000000000000003905046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ba0e8d7e51cb9a22022-01-11 12:18:11.584root 11241100x80000000000000003905047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.645388f126e49e2c2022-01-11 12:18:11.584root 11241100x80000000000000003905048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c00c2c5aaa9ad2c02022-01-11 12:18:11.584root 11241100x80000000000000003905049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1df0e96f700e95dd2022-01-11 12:18:11.585root 11241100x80000000000000003905050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cf8cb3a018509012022-01-11 12:18:11.585root 11241100x80000000000000003905051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4595980667cac4cd2022-01-11 12:18:11.585root 11241100x80000000000000003905052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63e067b73f2c72442022-01-11 12:18:11.585root 11241100x80000000000000003905053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a54136c0d0a1f37a2022-01-11 12:18:11.585root 11241100x80000000000000003905054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d62c98236b565892022-01-11 12:18:11.585root 11241100x80000000000000003905055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.113e155fff28c7a12022-01-11 12:18:11.585root 11241100x80000000000000003905056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb2a621761c4e2b52022-01-11 12:18:11.585root 11241100x80000000000000003905057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4f580f6285ab1672022-01-11 12:18:12.084root 11241100x80000000000000003905058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edfa491da1630dbe2022-01-11 12:18:12.084root 11241100x80000000000000003905059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfceee9f434fef5e2022-01-11 12:18:12.084root 11241100x80000000000000003905060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.337edc5de7d1466c2022-01-11 12:18:12.084root 11241100x80000000000000003905061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.014f533650bfb41b2022-01-11 12:18:12.084root 11241100x80000000000000003905062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e060a5097e1f35ca2022-01-11 12:18:12.084root 11241100x80000000000000003905063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cdaf34ad34d590c2022-01-11 12:18:12.084root 11241100x80000000000000003905064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ee3beb64fc292c02022-01-11 12:18:12.084root 11241100x80000000000000003905065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53e0653dc73917c52022-01-11 12:18:12.084root 11241100x80000000000000003905066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c18e784b1a66c002022-01-11 12:18:12.084root 11241100x80000000000000003905067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9201185e0803a732022-01-11 12:18:12.084root 11241100x80000000000000003905068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cc7813351113b962022-01-11 12:18:12.085root 11241100x80000000000000003905069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5df995f28b6a9cd62022-01-11 12:18:12.085root 11241100x80000000000000003905070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e282ca05cb6619362022-01-11 12:18:12.085root 11241100x80000000000000003905071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c05b1b5350c33352022-01-11 12:18:12.085root 11241100x80000000000000003905072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48c63835fa800eb82022-01-11 12:18:12.085root 11241100x80000000000000003905073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdf2e9a7f87ba81c2022-01-11 12:18:12.085root 11241100x80000000000000003905074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf77204af5c79de32022-01-11 12:18:12.085root 11241100x80000000000000003905075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed1adc23c20272742022-01-11 12:18:12.085root 11241100x80000000000000003905076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edf4cdd4266d2c6e2022-01-11 12:18:12.085root 11241100x80000000000000003905077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e2171316f7fa1652022-01-11 12:18:12.583root 11241100x80000000000000003905078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6c67b47cf1542b62022-01-11 12:18:12.583root 11241100x80000000000000003905079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa8a17171b4766dc2022-01-11 12:18:12.583root 11241100x80000000000000003905080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.759795d5039d1ad82022-01-11 12:18:12.584root 11241100x80000000000000003905081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77f6a7acfbf3c7442022-01-11 12:18:12.584root 11241100x80000000000000003905082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fef95fe3d8086bb2022-01-11 12:18:12.584root 11241100x80000000000000003905083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43c21a23b0e6bc172022-01-11 12:18:12.584root 11241100x80000000000000003905084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.347cf2f333bf37262022-01-11 12:18:12.584root 11241100x80000000000000003905085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1c239580e4fc1d02022-01-11 12:18:12.584root 11241100x80000000000000003905086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.725121f7dfe905a02022-01-11 12:18:12.585root 11241100x80000000000000003905087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.925499d8b77951112022-01-11 12:18:12.585root 11241100x80000000000000003905088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6021c8be654b01752022-01-11 12:18:12.585root 11241100x80000000000000003905089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fbd58cabf04f83e2022-01-11 12:18:12.585root 11241100x80000000000000003905090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.013056c692a078302022-01-11 12:18:12.586root 11241100x80000000000000003905091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c42540b0f6dd4d502022-01-11 12:18:12.586root 11241100x80000000000000003905092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62d89a0f6310742b2022-01-11 12:18:12.586root 11241100x80000000000000003905093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d49f342e563143dc2022-01-11 12:18:12.586root 11241100x80000000000000003905094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c30b460a9a03ab52022-01-11 12:18:12.587root 11241100x80000000000000003905095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e030442b8d039c2022-01-11 12:18:12.587root 11241100x80000000000000003905096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ee9ad4a4a6d4c9a2022-01-11 12:18:12.587root 11241100x80000000000000003905097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66a3fda54338b1bb2022-01-11 12:18:12.587root 11241100x80000000000000003905098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5882a14dc27f4bfd2022-01-11 12:18:12.588root 11241100x80000000000000003905099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66d1cdc51e3700e62022-01-11 12:18:13.084root 11241100x80000000000000003905100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b3453a8451ec6e72022-01-11 12:18:13.084root 11241100x80000000000000003905101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bff0756e1f65db22022-01-11 12:18:13.084root 11241100x80000000000000003905102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bc5df798bd571632022-01-11 12:18:13.084root 11241100x80000000000000003905103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.293000e18580c3522022-01-11 12:18:13.084root 11241100x80000000000000003905104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5959cdc4a470a4a52022-01-11 12:18:13.084root 11241100x80000000000000003905105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d7f07ebbd5dc9c12022-01-11 12:18:13.084root 11241100x80000000000000003905106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be4e2d3ab785dbc32022-01-11 12:18:13.085root 11241100x80000000000000003905107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.638497c73c926dc02022-01-11 12:18:13.085root 11241100x80000000000000003905108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27affb6444dfff162022-01-11 12:18:13.085root 11241100x80000000000000003905109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0af3f960e0be54b2022-01-11 12:18:13.085root 11241100x80000000000000003905110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e24df88937a3c912022-01-11 12:18:13.085root 11241100x80000000000000003905111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2993fe08ea0369332022-01-11 12:18:13.086root 11241100x80000000000000003905112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.849da916904105042022-01-11 12:18:13.086root 11241100x80000000000000003905113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f16ad4b28fae38392022-01-11 12:18:13.086root 11241100x80000000000000003905114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.891db97fa0b8ba012022-01-11 12:18:13.086root 11241100x80000000000000003905115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a62206b1528b7bf2022-01-11 12:18:13.086root 11241100x80000000000000003905116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a9fecf43155e12d2022-01-11 12:18:13.086root 11241100x80000000000000003905117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6dd1526296b01e02022-01-11 12:18:13.086root 11241100x80000000000000003905118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8153e97e561cfd962022-01-11 12:18:13.086root 354300x80000000000000003905119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.244{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56240-false10.0.1.12-8000- 11241100x80000000000000003905120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.266c495be9eda16a2022-01-11 12:18:13.584root 11241100x80000000000000003905121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4d3c73c2a51e74e2022-01-11 12:18:13.584root 11241100x80000000000000003905122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.116c2a80f7e0e3202022-01-11 12:18:13.584root 11241100x80000000000000003905123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce5c3f6a895743782022-01-11 12:18:13.584root 11241100x80000000000000003905124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a294d6bcf500bba2022-01-11 12:18:13.584root 11241100x80000000000000003905125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d3d35933d9b28d42022-01-11 12:18:13.584root 11241100x80000000000000003905126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7c5174dec6633bb2022-01-11 12:18:13.585root 11241100x80000000000000003905127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d43cb9b5a93c5442022-01-11 12:18:13.585root 11241100x80000000000000003905128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caf5dc9d4c5791092022-01-11 12:18:13.585root 11241100x80000000000000003905129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e88c4c511ba8ca12022-01-11 12:18:13.585root 11241100x80000000000000003905130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5d1b0fd23aaa6a22022-01-11 12:18:13.586root 11241100x80000000000000003905131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc432e401b8b7d272022-01-11 12:18:13.586root 11241100x80000000000000003905132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.634b55a569462ed22022-01-11 12:18:13.586root 11241100x80000000000000003905133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7036ed33d6d57e622022-01-11 12:18:13.586root 11241100x80000000000000003905134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42f832a83a185e162022-01-11 12:18:13.586root 11241100x80000000000000003905135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2666138fc6c8a90f2022-01-11 12:18:13.586root 11241100x80000000000000003905136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15e65b8628f83b082022-01-11 12:18:13.586root 11241100x80000000000000003905137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.070aea4fbc008ea22022-01-11 12:18:13.586root 11241100x80000000000000003905138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.871ee507071c311a2022-01-11 12:18:13.587root 11241100x80000000000000003905139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.011f8938ba0f62552022-01-11 12:18:13.587root 11241100x80000000000000003905140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f6193288fa4c0c72022-01-11 12:18:13.587root 11241100x80000000000000003905141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3ed4bb5b27e324f2022-01-11 12:18:14.083root 11241100x80000000000000003905142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61901b7147f6d91e2022-01-11 12:18:14.083root 11241100x80000000000000003905143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04de3527a8dcb1a82022-01-11 12:18:14.083root 11241100x80000000000000003905144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92d0a9b36a522e212022-01-11 12:18:14.083root 11241100x80000000000000003905145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0e1632556ed37d92022-01-11 12:18:14.084root 11241100x80000000000000003905146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce7d212c84caec502022-01-11 12:18:14.084root 11241100x80000000000000003905147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daf8047246e18b512022-01-11 12:18:14.084root 11241100x80000000000000003905148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecea566dafffc5ec2022-01-11 12:18:14.084root 11241100x80000000000000003905149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69f7d0d15dc4830c2022-01-11 12:18:14.084root 11241100x80000000000000003905150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef96bfb104036ae22022-01-11 12:18:14.084root 11241100x80000000000000003905151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e78f368285b96982022-01-11 12:18:14.084root 11241100x80000000000000003905152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c87fd14db8b0af02022-01-11 12:18:14.084root 11241100x80000000000000003905153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccd2c7fc147f37a52022-01-11 12:18:14.084root 11241100x80000000000000003905154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2131e7b5019989512022-01-11 12:18:14.084root 11241100x80000000000000003905155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3214e6c3fe1f0b662022-01-11 12:18:14.085root 11241100x80000000000000003905156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a5d34819a6a50992022-01-11 12:18:14.085root 11241100x80000000000000003905157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a63a50bf8c90eb3e2022-01-11 12:18:14.085root 11241100x80000000000000003905158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86351482dc262f4f2022-01-11 12:18:14.085root 11241100x80000000000000003905159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f874139a088d6242022-01-11 12:18:14.085root 11241100x80000000000000003905160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1032d4a7591887ee2022-01-11 12:18:14.085root 11241100x80000000000000003905161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7724bc018a454f372022-01-11 12:18:14.085root 11241100x80000000000000003905162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ace3a4df4aded9c2022-01-11 12:18:14.085root 11241100x80000000000000003905163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff21b2dba2cf1c082022-01-11 12:18:14.085root 11241100x80000000000000003905164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de882cff4e2554282022-01-11 12:18:14.085root 11241100x80000000000000003905165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.428622f53beb74d72022-01-11 12:18:14.583root 11241100x80000000000000003905166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4989e3c06d44e312022-01-11 12:18:14.584root 11241100x80000000000000003905167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.502844f1b12e77b62022-01-11 12:18:14.584root 11241100x80000000000000003905168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f54bd098f91708e2022-01-11 12:18:14.584root 11241100x80000000000000003905169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bf5981f5a87d3902022-01-11 12:18:14.584root 11241100x80000000000000003905170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0eb1afcb445286582022-01-11 12:18:14.584root 11241100x80000000000000003905171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c2948cfc2ae72d92022-01-11 12:18:14.584root 11241100x80000000000000003905172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de9ecff339f822482022-01-11 12:18:14.584root 11241100x80000000000000003905173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebef1d65158065092022-01-11 12:18:14.584root 11241100x80000000000000003905174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0af62da29dcacd32022-01-11 12:18:14.585root 11241100x80000000000000003905175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa64a2b1d259513e2022-01-11 12:18:14.585root 11241100x80000000000000003905176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.419b54e22a2db7732022-01-11 12:18:14.585root 11241100x80000000000000003905177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d68a2cc4b4d67ea2022-01-11 12:18:14.585root 11241100x80000000000000003905178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbbd7f86a28cc83e2022-01-11 12:18:14.585root 11241100x80000000000000003905179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfa81a88bd1123c22022-01-11 12:18:14.585root 11241100x80000000000000003905180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1932ec870ce22b682022-01-11 12:18:14.586root 11241100x80000000000000003905181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8fccb51a2e2b5f02022-01-11 12:18:14.586root 11241100x80000000000000003905182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1311838db885cef72022-01-11 12:18:14.586root 11241100x80000000000000003905183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82c2bc9338a2023d2022-01-11 12:18:14.586root 11241100x80000000000000003905184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17456603ca0398162022-01-11 12:18:14.586root 11241100x80000000000000003905185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7d004f9a811e5672022-01-11 12:18:14.586root 11241100x80000000000000003905186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ed0d27868e1d1cd2022-01-11 12:18:15.083root 11241100x80000000000000003905187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d51805da12c8db192022-01-11 12:18:15.083root 11241100x80000000000000003905188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d19da11a3a0c91d92022-01-11 12:18:15.084root 11241100x80000000000000003905189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2665702c4f6207e2022-01-11 12:18:15.084root 11241100x80000000000000003905190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f21afb6a13d77f552022-01-11 12:18:15.084root 11241100x80000000000000003905191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26059849a26d94552022-01-11 12:18:15.084root 11241100x80000000000000003905192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2967717e5b8fa4692022-01-11 12:18:15.084root 11241100x80000000000000003905193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81a206ce7d56caf02022-01-11 12:18:15.084root 11241100x80000000000000003905194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5435607b76b796222022-01-11 12:18:15.085root 11241100x80000000000000003905195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.723357837404bfe92022-01-11 12:18:15.085root 11241100x80000000000000003905196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87022b2350dde9f72022-01-11 12:18:15.085root 11241100x80000000000000003905197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e84e3c308122f222022-01-11 12:18:15.085root 11241100x80000000000000003905198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec973ac4a098453f2022-01-11 12:18:15.085root 11241100x80000000000000003905199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67511fc5482d8a302022-01-11 12:18:15.085root 11241100x80000000000000003905200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.618c81a29f95fca62022-01-11 12:18:15.085root 11241100x80000000000000003905201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3854105a9d05a6832022-01-11 12:18:15.086root 11241100x80000000000000003905202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d5fd76e25494de92022-01-11 12:18:15.086root 11241100x80000000000000003905203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.308ce157ccd16ffe2022-01-11 12:18:15.086root 11241100x80000000000000003905204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c55133381cd7efe22022-01-11 12:18:15.086root 11241100x80000000000000003905205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c32500df0c7ff9612022-01-11 12:18:15.086root 11241100x80000000000000003905206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b1ccca0cc3c502e2022-01-11 12:18:15.086root 11241100x80000000000000003905207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fc0ef6069f456372022-01-11 12:18:15.086root 11241100x80000000000000003905208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5747448953249082022-01-11 12:18:15.087root 11241100x80000000000000003905209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94e56ce905ae5bf52022-01-11 12:18:15.583root 11241100x80000000000000003905210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0318f4d284de66732022-01-11 12:18:15.583root 11241100x80000000000000003905211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.628da2336a7c048f2022-01-11 12:18:15.584root 11241100x80000000000000003905212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff35e59f70cbd2b32022-01-11 12:18:15.584root 11241100x80000000000000003905213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fef9b18162101e032022-01-11 12:18:15.584root 11241100x80000000000000003905214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe0d714ca32a56d12022-01-11 12:18:15.584root 11241100x80000000000000003905215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ec4b9e55bea42cd2022-01-11 12:18:15.584root 11241100x80000000000000003905216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7487717a8a2f08162022-01-11 12:18:15.584root 11241100x80000000000000003905217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cee34716cb9f17652022-01-11 12:18:15.584root 11241100x80000000000000003905218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75d7e5e50058c9b42022-01-11 12:18:15.585root 11241100x80000000000000003905219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b42f2a5e2fff9deb2022-01-11 12:18:15.585root 11241100x80000000000000003905220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cff163492543de412022-01-11 12:18:15.585root 11241100x80000000000000003905221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cef4442fcf782322022-01-11 12:18:15.585root 11241100x80000000000000003905222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8ea3a149371630b2022-01-11 12:18:15.585root 11241100x80000000000000003905223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ba17266e2f19ce12022-01-11 12:18:15.586root 11241100x80000000000000003905224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90ce93d205e5e6022022-01-11 12:18:15.586root 11241100x80000000000000003905225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e7798e29dad70f02022-01-11 12:18:15.586root 11241100x80000000000000003905226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca6bd775a304557e2022-01-11 12:18:15.586root 11241100x80000000000000003905227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee0b9febea5a91192022-01-11 12:18:15.586root 11241100x80000000000000003905228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38a800f0475c75582022-01-11 12:18:15.587root 11241100x80000000000000003905229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a22ebc61a63565b2022-01-11 12:18:15.587root 11241100x80000000000000003905230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38d781f4541a8abf2022-01-11 12:18:15.587root 11241100x80000000000000003905231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4eb5c331195504a2022-01-11 12:18:15.587root 11241100x80000000000000003905232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e73a182357c4699f2022-01-11 12:18:15.587root 11241100x80000000000000003905233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e25d6bc697a972f2022-01-11 12:18:15.588root 11241100x80000000000000003905234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f65602d48039cd522022-01-11 12:18:15.588root 11241100x80000000000000003905235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0953fc60f18bc4b52022-01-11 12:18:16.083root 11241100x80000000000000003905236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3de2308a781360b52022-01-11 12:18:16.084root 11241100x80000000000000003905237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.892f6116c22d6afe2022-01-11 12:18:16.084root 11241100x80000000000000003905238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.468ed33b938741802022-01-11 12:18:16.084root 11241100x80000000000000003905239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.797376e189d3c49f2022-01-11 12:18:16.084root 11241100x80000000000000003905240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60d1e8565fe01dda2022-01-11 12:18:16.084root 11241100x80000000000000003905241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3819507db4f60bd2022-01-11 12:18:16.084root 11241100x80000000000000003905242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69b5f3695493c96a2022-01-11 12:18:16.084root 11241100x80000000000000003905243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7baab67090297fb22022-01-11 12:18:16.084root 11241100x80000000000000003905244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55ada4eccbd91fb72022-01-11 12:18:16.085root 11241100x80000000000000003905245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9583e0e8729e9b3b2022-01-11 12:18:16.085root 11241100x80000000000000003905246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee40879208eaa19e2022-01-11 12:18:16.085root 11241100x80000000000000003905247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1dc7268ff8b626e2022-01-11 12:18:16.085root 11241100x80000000000000003905248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56ee7774b554a4ce2022-01-11 12:18:16.085root 11241100x80000000000000003905249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a63b38078f147122022-01-11 12:18:16.085root 11241100x80000000000000003905250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79048545c42461482022-01-11 12:18:16.085root 11241100x80000000000000003905251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9dd0f3798e2897c2022-01-11 12:18:16.086root 11241100x80000000000000003905252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae61d43fa4bc2ade2022-01-11 12:18:16.086root 11241100x80000000000000003905253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9db350e2602bff2c2022-01-11 12:18:16.086root 11241100x80000000000000003905254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bde055a8ba65103e2022-01-11 12:18:16.086root 11241100x80000000000000003905255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32c8d4597269ad272022-01-11 12:18:16.086root 11241100x80000000000000003905256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c75178e0506a7fd2022-01-11 12:18:16.584root 11241100x80000000000000003905257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71198a2f0027c0b72022-01-11 12:18:16.584root 11241100x80000000000000003905258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24f7a5a958fbbd052022-01-11 12:18:16.584root 11241100x80000000000000003905259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.567f4cbc3c0011d92022-01-11 12:18:16.584root 11241100x80000000000000003905260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2675caa15570ddbd2022-01-11 12:18:16.584root 11241100x80000000000000003905261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a8487b49342bd1e2022-01-11 12:18:16.584root 11241100x80000000000000003905262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65abf10cf7be81f92022-01-11 12:18:16.584root 11241100x80000000000000003905263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07b9a2c1b93e31182022-01-11 12:18:16.584root 11241100x80000000000000003905264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbefca617ca5f5e82022-01-11 12:18:16.585root 11241100x80000000000000003905265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.255a655f6e1b71c92022-01-11 12:18:16.585root 11241100x80000000000000003905266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19a4a4b9fbc3824e2022-01-11 12:18:16.585root 11241100x80000000000000003905267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81ad6ef1bb172ec62022-01-11 12:18:16.585root 11241100x80000000000000003905268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f38bb873037127a2022-01-11 12:18:16.585root 11241100x80000000000000003905269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23eee873dac43c842022-01-11 12:18:16.585root 11241100x80000000000000003905270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2da5e62d72856622022-01-11 12:18:16.585root 11241100x80000000000000003905271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46d09b4fd3b3c7b62022-01-11 12:18:16.585root 11241100x80000000000000003905272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49d3b3eeb0068eb62022-01-11 12:18:16.585root 11241100x80000000000000003905273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d26521df2de5076e2022-01-11 12:18:16.585root 11241100x80000000000000003905274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e5064ef31a69dbd2022-01-11 12:18:16.585root 11241100x80000000000000003905275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64210dda16932eca2022-01-11 12:18:16.585root 11241100x80000000000000003905276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.815feeed986a3b272022-01-11 12:18:16.585root 11241100x80000000000000003905277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dbf2eb30266be672022-01-11 12:18:17.083root 11241100x80000000000000003905278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd741f381bfd5dcc2022-01-11 12:18:17.083root 11241100x80000000000000003905279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6a119e564cb722c2022-01-11 12:18:17.083root 11241100x80000000000000003905280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19ef2cb9a9fcec5c2022-01-11 12:18:17.083root 11241100x80000000000000003905281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23a5bc20253ba15d2022-01-11 12:18:17.084root 11241100x80000000000000003905282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e672be93f2f2ee442022-01-11 12:18:17.084root 11241100x80000000000000003905283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91b93cc97046a6bf2022-01-11 12:18:17.084root 11241100x80000000000000003905284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7a6f3a84fb679f92022-01-11 12:18:17.084root 11241100x80000000000000003905285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfd2be0ff59d9ccf2022-01-11 12:18:17.084root 11241100x80000000000000003905286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.461ab386e2ee91062022-01-11 12:18:17.084root 11241100x80000000000000003905287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f346d496ea361f72022-01-11 12:18:17.084root 11241100x80000000000000003905288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fd2f25102cb3cb52022-01-11 12:18:17.084root 11241100x80000000000000003905289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d6d7699386c9da22022-01-11 12:18:17.085root 11241100x80000000000000003905290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa87dc2c572fa1fb2022-01-11 12:18:17.085root 11241100x80000000000000003905291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b93c31cc82c57b972022-01-11 12:18:17.085root 11241100x80000000000000003905292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aafb2a68147b5712022-01-11 12:18:17.085root 11241100x80000000000000003905293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14c2382d4a60d8bc2022-01-11 12:18:17.085root 11241100x80000000000000003905294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9303c40a31501f8a2022-01-11 12:18:17.085root 11241100x80000000000000003905295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f754e5e4cd7574c22022-01-11 12:18:17.085root 11241100x80000000000000003905296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f73e1c658765c272022-01-11 12:18:17.085root 11241100x80000000000000003905297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8bfa9517831fe872022-01-11 12:18:17.086root 11241100x80000000000000003905298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac49560362fc142c2022-01-11 12:18:17.086root 11241100x80000000000000003905299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.784b13ca20af89f52022-01-11 12:18:17.086root 11241100x80000000000000003905300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d0e6a0f2331be162022-01-11 12:18:17.583root 11241100x80000000000000003905301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0726d6fe3979d78f2022-01-11 12:18:17.583root 11241100x80000000000000003905302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d21b8d0e46fe4222022-01-11 12:18:17.583root 11241100x80000000000000003905303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81927349fb3019e82022-01-11 12:18:17.583root 11241100x80000000000000003905304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecd8faf2da24823c2022-01-11 12:18:17.584root 11241100x80000000000000003905305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f9c3b3816bc80772022-01-11 12:18:17.584root 11241100x80000000000000003905306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.401ffb34a87563cc2022-01-11 12:18:17.584root 11241100x80000000000000003905307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9a2b488294f912c2022-01-11 12:18:17.584root 11241100x80000000000000003905308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e23529894159804a2022-01-11 12:18:17.584root 11241100x80000000000000003905309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.510b9b5c33e8654b2022-01-11 12:18:17.584root 11241100x80000000000000003905310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6aeb6b538fd720d2022-01-11 12:18:17.584root 11241100x80000000000000003905311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cda26723683ac862022-01-11 12:18:17.584root 11241100x80000000000000003905312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f618536ed03b5d62022-01-11 12:18:17.584root 11241100x80000000000000003905313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff72861cd1b5cddd2022-01-11 12:18:17.584root 11241100x80000000000000003905314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfb543e82bd5654d2022-01-11 12:18:17.584root 11241100x80000000000000003905315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.546323c4a00db0102022-01-11 12:18:17.585root 11241100x80000000000000003905316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab21e4953c3da6632022-01-11 12:18:17.585root 11241100x80000000000000003905317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a4a04ba7509a5402022-01-11 12:18:17.585root 11241100x80000000000000003905318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca10804cda576a8f2022-01-11 12:18:17.585root 11241100x80000000000000003905319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.353e60e7762f7dd42022-01-11 12:18:17.585root 11241100x80000000000000003905320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae49e586973bbc8e2022-01-11 12:18:17.585root 11241100x80000000000000003905321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1e33eeabf2fe23a2022-01-11 12:18:17.585root 11241100x80000000000000003905322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e429fdda14ae43b2022-01-11 12:18:17.585root 11241100x80000000000000003905323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4a8e3ff410ba30c2022-01-11 12:18:18.083root 11241100x80000000000000003905324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86d0eb44ec3d883f2022-01-11 12:18:18.083root 11241100x80000000000000003905325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3341be3c21bde2262022-01-11 12:18:18.083root 11241100x80000000000000003905326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e9a60a98ce3d9e02022-01-11 12:18:18.083root 11241100x80000000000000003905327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8743c8f9edaec85e2022-01-11 12:18:18.083root 11241100x80000000000000003905328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6b933146a445b272022-01-11 12:18:18.083root 11241100x80000000000000003905329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e49dc60276eec3d12022-01-11 12:18:18.084root 11241100x80000000000000003905330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73496d8580a933f72022-01-11 12:18:18.084root 11241100x80000000000000003905331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd20c90ed4ecda812022-01-11 12:18:18.084root 11241100x80000000000000003905332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.422cb834293282a42022-01-11 12:18:18.084root 11241100x80000000000000003905333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7c8c7d16c937d892022-01-11 12:18:18.084root 11241100x80000000000000003905334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32ce12b031d74a442022-01-11 12:18:18.084root 11241100x80000000000000003905335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cf4fd1b24de30d12022-01-11 12:18:18.084root 11241100x80000000000000003905336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3cc37bc54ba45e92022-01-11 12:18:18.084root 11241100x80000000000000003905337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4c800fe6065722a2022-01-11 12:18:18.084root 11241100x80000000000000003905338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4de62d3ba2e532d92022-01-11 12:18:18.084root 11241100x80000000000000003905339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2251428cfd3860d82022-01-11 12:18:18.084root 11241100x80000000000000003905340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0f8cf752c69b8832022-01-11 12:18:18.084root 11241100x80000000000000003905341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2332dea9f03f4ab62022-01-11 12:18:18.084root 11241100x80000000000000003905342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3055d66f8e1cd2192022-01-11 12:18:18.085root 11241100x80000000000000003905343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c90d1474fb376a0e2022-01-11 12:18:18.085root 11241100x80000000000000003905344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d644d4c30d602ba2022-01-11 12:18:18.085root 11241100x80000000000000003905345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c05ef83066c7d6982022-01-11 12:18:18.583root 11241100x80000000000000003905346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61abb639042328942022-01-11 12:18:18.583root 11241100x80000000000000003905347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74ac547663d213952022-01-11 12:18:18.583root 11241100x80000000000000003905348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a821bceeb17bb04a2022-01-11 12:18:18.583root 11241100x80000000000000003905349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4622a10b4e1fe7fd2022-01-11 12:18:18.583root 11241100x80000000000000003905350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27b48d4159a33f1f2022-01-11 12:18:18.584root 11241100x80000000000000003905351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.913e974b815d7dae2022-01-11 12:18:18.584root 11241100x80000000000000003905352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24e291b6b75947b72022-01-11 12:18:18.584root 11241100x80000000000000003905353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.304aef772a8a0a142022-01-11 12:18:18.584root 11241100x80000000000000003905354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12f630a0e7b22cf72022-01-11 12:18:18.584root 11241100x80000000000000003905355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e3c20d2d624983e2022-01-11 12:18:18.584root 11241100x80000000000000003905356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a23ab5f7359417fd2022-01-11 12:18:18.584root 11241100x80000000000000003905357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.131c241e50a2dbc72022-01-11 12:18:18.585root 11241100x80000000000000003905358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ecb8be6323c9bf92022-01-11 12:18:18.585root 11241100x80000000000000003905359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f738a1698c8f8662022-01-11 12:18:18.585root 11241100x80000000000000003905360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3715c6ff9cac149f2022-01-11 12:18:18.585root 11241100x80000000000000003905361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98caf47011431d882022-01-11 12:18:18.585root 11241100x80000000000000003905362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbde4f7cdeb4ab732022-01-11 12:18:18.585root 11241100x80000000000000003905363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdde67f73ff0c2c02022-01-11 12:18:18.585root 11241100x80000000000000003905364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24587993d6e83acc2022-01-11 12:18:18.586root 11241100x80000000000000003905365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b4937e18c8958232022-01-11 12:18:18.586root 11241100x80000000000000003905366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c3f64d5b57c94d12022-01-11 12:18:18.586root 11241100x80000000000000003905367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.150da9f0cae2c1692022-01-11 12:18:18.586root 354300x80000000000000003905368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.072{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56242-false10.0.1.12-8000- 11241100x80000000000000003905369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.073{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e49aeb16e391cac22022-01-11 12:18:19.073root 11241100x80000000000000003905370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.073{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a074df7d889cdee2022-01-11 12:18:19.073root 11241100x80000000000000003905371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.916c2b287c93ce462022-01-11 12:18:19.074root 11241100x80000000000000003905372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.345b79e0250671f12022-01-11 12:18:19.074root 11241100x80000000000000003905373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ecb99c88d162d282022-01-11 12:18:19.074root 11241100x80000000000000003905374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c89b4ca74f16e832022-01-11 12:18:19.074root 11241100x80000000000000003905375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96697f8f8425159f2022-01-11 12:18:19.074root 11241100x80000000000000003905376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83435e2083de3e852022-01-11 12:18:19.074root 11241100x80000000000000003905377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f30c3246e5c555ba2022-01-11 12:18:19.074root 11241100x80000000000000003905378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19aec5597ce9fe8b2022-01-11 12:18:19.075root 11241100x80000000000000003905379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98e30793947c56bc2022-01-11 12:18:19.075root 11241100x80000000000000003905380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0abbc3a7041ffc442022-01-11 12:18:19.075root 11241100x80000000000000003905381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.545cfed003d992412022-01-11 12:18:19.075root 11241100x80000000000000003905382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97f02e516543497d2022-01-11 12:18:19.075root 11241100x80000000000000003905383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d96951641e3daa52022-01-11 12:18:19.075root 11241100x80000000000000003905384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7675876dd27ce94a2022-01-11 12:18:19.075root 11241100x80000000000000003905385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6e5c1b37baf61972022-01-11 12:18:19.075root 11241100x80000000000000003905386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7549e08617a296b2022-01-11 12:18:19.075root 11241100x80000000000000003905387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82cfc0b399bf90462022-01-11 12:18:19.076root 11241100x80000000000000003905388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51577c444de9b4f82022-01-11 12:18:19.076root 11241100x80000000000000003905389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c7d3ab6d3070ae32022-01-11 12:18:19.076root 11241100x80000000000000003905390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6898aa24c6b279722022-01-11 12:18:19.076root 11241100x80000000000000003905391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0fea6f8563a42cd2022-01-11 12:18:19.076root 11241100x80000000000000003905392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5aa92c2aba18fb8a2022-01-11 12:18:19.076root 11241100x80000000000000003905393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.026f5d63fb68a99b2022-01-11 12:18:19.334root 11241100x80000000000000003905394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2e1777ef5f7c2be2022-01-11 12:18:19.334root 11241100x80000000000000003905395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed5d0382f767a6bf2022-01-11 12:18:19.334root 11241100x80000000000000003905396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3557b713cb3c0732022-01-11 12:18:19.334root 11241100x80000000000000003905397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.481f8d403aa082c42022-01-11 12:18:19.334root 11241100x80000000000000003905398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16418b71f97b73152022-01-11 12:18:19.334root 11241100x80000000000000003905399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c76244b58dd02bdf2022-01-11 12:18:19.334root 11241100x80000000000000003905400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c84aa3e71149c852022-01-11 12:18:19.334root 11241100x80000000000000003905401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2b96752bf68a1192022-01-11 12:18:19.335root 11241100x80000000000000003905402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d34bcaed730d79182022-01-11 12:18:19.335root 11241100x80000000000000003905403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1a9afdfa237938f2022-01-11 12:18:19.335root 11241100x80000000000000003905404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0815df3c0db002662022-01-11 12:18:19.335root 11241100x80000000000000003905405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95a6dfd2f3d7337f2022-01-11 12:18:19.335root 11241100x80000000000000003905406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9fbe4753e573ccc2022-01-11 12:18:19.335root 11241100x80000000000000003905407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8de5f90f68ff4a202022-01-11 12:18:19.336root 11241100x80000000000000003905408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dffb5c3aa04617ad2022-01-11 12:18:19.336root 11241100x80000000000000003905409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.208266d7830129f12022-01-11 12:18:19.336root 11241100x80000000000000003905410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.721a04ee2ed4a4f92022-01-11 12:18:19.336root 11241100x80000000000000003905411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5b0dc3f9c0f8da82022-01-11 12:18:19.336root 11241100x80000000000000003905412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff3d80d6019f7fff2022-01-11 12:18:19.336root 11241100x80000000000000003905413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d97cdcc35d0680a22022-01-11 12:18:19.336root 11241100x80000000000000003905414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9645c796523e63952022-01-11 12:18:19.337root 11241100x80000000000000003905415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20b533b545c4649e2022-01-11 12:18:19.833root 11241100x80000000000000003905416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b561afa849a701c62022-01-11 12:18:19.833root 11241100x80000000000000003905417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4285cd12aa8a3162022-01-11 12:18:19.834root 11241100x80000000000000003905418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5406ad14806e5eb2022-01-11 12:18:19.834root 11241100x80000000000000003905419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bb8302c5ca8cc4d2022-01-11 12:18:19.834root 11241100x80000000000000003905420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5799371a8d0cae22022-01-11 12:18:19.834root 11241100x80000000000000003905421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7852ad98359ccd582022-01-11 12:18:19.834root 11241100x80000000000000003905422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2c103123233a23b2022-01-11 12:18:19.834root 11241100x80000000000000003905423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f55a409ab2edf3c2022-01-11 12:18:19.834root 11241100x80000000000000003905424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc895d1ab6e6efcf2022-01-11 12:18:19.834root 11241100x80000000000000003905425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20818f3c6791bc542022-01-11 12:18:19.834root 11241100x80000000000000003905426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93e9e7d467ad16832022-01-11 12:18:19.834root 11241100x80000000000000003905427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cd33d2b5f91ef502022-01-11 12:18:19.834root 11241100x80000000000000003905428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.985a4b7082c42c812022-01-11 12:18:19.835root 11241100x80000000000000003905429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b8c5bee10028df92022-01-11 12:18:19.835root 11241100x80000000000000003905430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f38e52f507796f02022-01-11 12:18:19.835root 11241100x80000000000000003905431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.418bba584a02d2d22022-01-11 12:18:19.835root 11241100x80000000000000003905432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d233b80b40d03b412022-01-11 12:18:19.835root 11241100x80000000000000003905433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.140956d58066306a2022-01-11 12:18:19.835root 11241100x80000000000000003905434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3e1202e36ac78c32022-01-11 12:18:19.835root 11241100x80000000000000003905435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4582525ab8c372ab2022-01-11 12:18:19.835root 11241100x80000000000000003905436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c2be5fab19c81d2022-01-11 12:18:19.835root 11241100x80000000000000003905437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7179100cae116b42022-01-11 12:18:20.334root 11241100x80000000000000003905438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce1a3ffec6df6b3e2022-01-11 12:18:20.334root 11241100x80000000000000003905439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbf75a27cc2000012022-01-11 12:18:20.334root 11241100x80000000000000003905440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d85ed72934f23dc2022-01-11 12:18:20.335root 11241100x80000000000000003905441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c6ee3005abf59d92022-01-11 12:18:20.335root 11241100x80000000000000003905442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93849956d3627e112022-01-11 12:18:20.335root 11241100x80000000000000003905443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80814fc821ca1aa12022-01-11 12:18:20.336root 11241100x80000000000000003905444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51f03a8efe1d502e2022-01-11 12:18:20.336root 11241100x80000000000000003905445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d77cff7e59c9c5602022-01-11 12:18:20.336root 11241100x80000000000000003905446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0f6f72af97f33f92022-01-11 12:18:20.336root 11241100x80000000000000003905447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5361f48b0d997c52022-01-11 12:18:20.336root 11241100x80000000000000003905448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af3486fdf24bc5792022-01-11 12:18:20.336root 11241100x80000000000000003905449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eb90e672ad5c00e2022-01-11 12:18:20.337root 11241100x80000000000000003905450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de1142b8ff7d23822022-01-11 12:18:20.337root 11241100x80000000000000003905451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c4d001415b1d8fb2022-01-11 12:18:20.337root 11241100x80000000000000003905452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26abb756d76b73d32022-01-11 12:18:20.337root 11241100x80000000000000003905453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.799681dfd9ba10922022-01-11 12:18:20.337root 11241100x80000000000000003905454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eea14e0ed14e662f2022-01-11 12:18:20.337root 11241100x80000000000000003905455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27090cf98975393b2022-01-11 12:18:20.337root 11241100x80000000000000003905456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5200d7ca192023b2022-01-11 12:18:20.337root 11241100x80000000000000003905457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb9cd968578574fd2022-01-11 12:18:20.337root 11241100x80000000000000003905458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f1dd147d75b4a5a2022-01-11 12:18:20.337root 11241100x80000000000000003905459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0fa6e05abcca86f2022-01-11 12:18:20.833root 11241100x80000000000000003905460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adca8f7aa43925732022-01-11 12:18:20.833root 11241100x80000000000000003905461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9a861e70220f7742022-01-11 12:18:20.834root 11241100x80000000000000003905462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4577bac74641104a2022-01-11 12:18:20.834root 11241100x80000000000000003905463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.882b583df35997142022-01-11 12:18:20.834root 11241100x80000000000000003905464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8906698ad8b36e232022-01-11 12:18:20.834root 11241100x80000000000000003905465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77d331464bdbb4362022-01-11 12:18:20.834root 11241100x80000000000000003905466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4180b0fc2fde63362022-01-11 12:18:20.834root 11241100x80000000000000003905467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0624e2f1cf0702bc2022-01-11 12:18:20.834root 11241100x80000000000000003905468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.428a66a2ecdd91112022-01-11 12:18:20.834root 11241100x80000000000000003905469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08397c6c3633d4552022-01-11 12:18:20.834root 11241100x80000000000000003905470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6e4d1ee7172b1cc2022-01-11 12:18:20.834root 11241100x80000000000000003905471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97850ccdbecfc15b2022-01-11 12:18:20.835root 11241100x80000000000000003905472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3f981ffa8d1d8ae2022-01-11 12:18:20.835root 11241100x80000000000000003905473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f34aa75b560c1892022-01-11 12:18:20.835root 11241100x80000000000000003905474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9df1e571af42d7cc2022-01-11 12:18:20.835root 11241100x80000000000000003905475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad61140a8fa75c342022-01-11 12:18:20.835root 11241100x80000000000000003905476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e070c0f6339644eb2022-01-11 12:18:20.835root 11241100x80000000000000003905477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49380a45a4d6e0092022-01-11 12:18:20.835root 11241100x80000000000000003905478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d5f47439411fb332022-01-11 12:18:20.836root 11241100x80000000000000003905479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83e9ad33c3c039c22022-01-11 12:18:20.836root 11241100x80000000000000003905480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9de44f2d3a4ff6db2022-01-11 12:18:20.836root 11241100x80000000000000003905481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a661b7670f7e2352022-01-11 12:18:21.334root 11241100x80000000000000003905482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.783a3af25bb202de2022-01-11 12:18:21.334root 11241100x80000000000000003905483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d56aff0a638ba6da2022-01-11 12:18:21.334root 11241100x80000000000000003905484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ebc00cb6a4f104d2022-01-11 12:18:21.335root 11241100x80000000000000003905485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b339aa2b7082c1e42022-01-11 12:18:21.335root 11241100x80000000000000003905486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da85f4adb31fb3ee2022-01-11 12:18:21.335root 11241100x80000000000000003905487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28e791d832b0f00e2022-01-11 12:18:21.335root 11241100x80000000000000003905488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa902af7ead74fdf2022-01-11 12:18:21.335root 11241100x80000000000000003905489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6de3b03dcebf15e2022-01-11 12:18:21.335root 11241100x80000000000000003905490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.336873986393e8482022-01-11 12:18:21.336root 11241100x80000000000000003905491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.060ec81d73f8b5702022-01-11 12:18:21.336root 11241100x80000000000000003905492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3841fb3a71f702c92022-01-11 12:18:21.336root 11241100x80000000000000003905493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b09dce4cd4e2db7d2022-01-11 12:18:21.336root 11241100x80000000000000003905494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97f37424a579536c2022-01-11 12:18:21.336root 11241100x80000000000000003905495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e7ce147898d15cd2022-01-11 12:18:21.336root 11241100x80000000000000003905496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4418c6e3264f3bd82022-01-11 12:18:21.336root 11241100x80000000000000003905497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fa9e6fff57778682022-01-11 12:18:21.336root 11241100x80000000000000003905498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5f16f1e7c51357e2022-01-11 12:18:21.336root 11241100x80000000000000003905499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e22970ce7ba457202022-01-11 12:18:21.336root 11241100x80000000000000003905500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84e8fd94768165152022-01-11 12:18:21.336root 11241100x80000000000000003905501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2958f7b3fc09ed102022-01-11 12:18:21.338root 11241100x80000000000000003905502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91a5c21330a56f922022-01-11 12:18:21.338root 11241100x80000000000000003905503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87d305844c5ab2bc2022-01-11 12:18:21.338root 11241100x80000000000000003905504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9f96cdff016b8342022-01-11 12:18:21.338root 11241100x80000000000000003905505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.748209391cca9ca12022-01-11 12:18:21.338root 11241100x80000000000000003905506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ac0dcc3a03b2f632022-01-11 12:18:21.338root 11241100x80000000000000003905507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42ef9729fd365a462022-01-11 12:18:21.338root 11241100x80000000000000003905508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e917bddeed623972022-01-11 12:18:21.338root 11241100x80000000000000003905509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae8d0571813255ae2022-01-11 12:18:21.833root 11241100x80000000000000003905510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51a68ee9584f8b062022-01-11 12:18:21.833root 11241100x80000000000000003905511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcb1b33809307ab22022-01-11 12:18:21.833root 11241100x80000000000000003905512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f31aa733828cd9c2022-01-11 12:18:21.834root 11241100x80000000000000003905513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dd24c684346fadd2022-01-11 12:18:21.834root 11241100x80000000000000003905514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24145395096c72332022-01-11 12:18:21.834root 11241100x80000000000000003905515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2685c7ebbc580ee22022-01-11 12:18:21.834root 11241100x80000000000000003905516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9321e6af89739f5a2022-01-11 12:18:21.835root 11241100x80000000000000003905517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c21fb5fdd3932472022-01-11 12:18:21.835root 11241100x80000000000000003905518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d645e5ca2f228fe2022-01-11 12:18:21.835root 11241100x80000000000000003905519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d381b4ac6749f122022-01-11 12:18:21.835root 11241100x80000000000000003905520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.425d7f282f0f621d2022-01-11 12:18:21.835root 11241100x80000000000000003905521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a407bbcf141e4bf2022-01-11 12:18:21.835root 11241100x80000000000000003905522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee6848283a84b80c2022-01-11 12:18:21.835root 11241100x80000000000000003905523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec85b2f5399b2c682022-01-11 12:18:21.836root 11241100x80000000000000003905524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5ee0a63af145c772022-01-11 12:18:21.836root 11241100x80000000000000003905525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dff62161e45a7a5a2022-01-11 12:18:21.836root 11241100x80000000000000003905526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbaa659cf1ea119a2022-01-11 12:18:21.836root 11241100x80000000000000003905527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ff160bcb7db8e5a2022-01-11 12:18:21.836root 11241100x80000000000000003905528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71af8071f95192402022-01-11 12:18:21.836root 11241100x80000000000000003905529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edad98082775c37a2022-01-11 12:18:21.836root 11241100x80000000000000003905530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e160c4d20bf4d822022-01-11 12:18:21.836root 11241100x80000000000000003905531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d19e0c031a30f5202022-01-11 12:18:22.334root 11241100x80000000000000003905532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.567aabb1d531ad312022-01-11 12:18:22.334root 11241100x80000000000000003905533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0752fc4d541b8f102022-01-11 12:18:22.334root 11241100x80000000000000003905534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.068380276e2cf8df2022-01-11 12:18:22.334root 11241100x80000000000000003905535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b12353528198dbe2022-01-11 12:18:22.334root 11241100x80000000000000003905536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de40c2c9a064a70c2022-01-11 12:18:22.334root 11241100x80000000000000003905537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11009e2f174f3d652022-01-11 12:18:22.335root 11241100x80000000000000003905538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5315f86f9d54e0c2022-01-11 12:18:22.335root 11241100x80000000000000003905539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1471195ba8a1435d2022-01-11 12:18:22.335root 11241100x80000000000000003905540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc4cbcf43874ba1e2022-01-11 12:18:22.335root 11241100x80000000000000003905541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b8db050790caf042022-01-11 12:18:22.335root 11241100x80000000000000003905542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a732162ea1de9452022-01-11 12:18:22.335root 11241100x80000000000000003905543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4ad347214d6937d2022-01-11 12:18:22.335root 11241100x80000000000000003905544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fd4cc26c1a302b22022-01-11 12:18:22.335root 11241100x80000000000000003905545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4a65b240c1e2e692022-01-11 12:18:22.335root 11241100x80000000000000003905546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01be0f05d16f73ae2022-01-11 12:18:22.336root 11241100x80000000000000003905547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ebdfc51fae862922022-01-11 12:18:22.336root 11241100x80000000000000003905548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a9695613ff4cc632022-01-11 12:18:22.336root 11241100x80000000000000003905549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.868e10feae7ad59e2022-01-11 12:18:22.336root 11241100x80000000000000003905550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd502305974eb8182022-01-11 12:18:22.336root 11241100x80000000000000003905551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cab70e1539cfea7e2022-01-11 12:18:22.336root 11241100x80000000000000003905552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.611abbf4ada3f28b2022-01-11 12:18:22.336root 11241100x80000000000000003905553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7593f0e41ddbc28f2022-01-11 12:18:22.834root 11241100x80000000000000003905554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b9c999ad7c4d58b2022-01-11 12:18:22.834root 11241100x80000000000000003905555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db0b2b4fef9f4acc2022-01-11 12:18:22.834root 11241100x80000000000000003905556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ee4e6923f2e709d2022-01-11 12:18:22.834root 11241100x80000000000000003905557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9004aa3809f796a2022-01-11 12:18:22.835root 11241100x80000000000000003905558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.547e2372105fa7ed2022-01-11 12:18:22.835root 11241100x80000000000000003905559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d9950bc46a89d122022-01-11 12:18:22.835root 11241100x80000000000000003905560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58f94d790cf4b53c2022-01-11 12:18:22.835root 11241100x80000000000000003905561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7eefdb81f2a51b82022-01-11 12:18:22.835root 11241100x80000000000000003905562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b07b472a394f5fc2022-01-11 12:18:22.835root 11241100x80000000000000003905563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d35b1975c8cbe4052022-01-11 12:18:22.836root 11241100x80000000000000003905564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e5f27e7d52b37742022-01-11 12:18:22.836root 11241100x80000000000000003905565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.964dd91d44da6b3c2022-01-11 12:18:22.836root 11241100x80000000000000003905566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8ada7ef82dcbacd2022-01-11 12:18:22.836root 11241100x80000000000000003905567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e06409f780af9bb42022-01-11 12:18:22.836root 11241100x80000000000000003905568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1975662694172fd2022-01-11 12:18:22.836root 11241100x80000000000000003905569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f70807e4def22892022-01-11 12:18:22.836root 11241100x80000000000000003905570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79914326d01a012c2022-01-11 12:18:22.836root 11241100x80000000000000003905571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1185d04b870309162022-01-11 12:18:22.836root 11241100x80000000000000003905572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02e7c0753b1abc642022-01-11 12:18:22.836root 11241100x80000000000000003905573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac71d993c15153372022-01-11 12:18:22.837root 11241100x80000000000000003905574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.106c28c2071292422022-01-11 12:18:22.837root 11241100x80000000000000003905575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e8283a2296e0e6d2022-01-11 12:18:23.334root 11241100x80000000000000003905576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5542b1a0b23fbf682022-01-11 12:18:23.334root 11241100x80000000000000003905577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7cedd20cd5f41872022-01-11 12:18:23.334root 11241100x80000000000000003905578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.865bc3b7f9e8ab3b2022-01-11 12:18:23.334root 11241100x80000000000000003905579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41d5d7d9a36b7e032022-01-11 12:18:23.334root 11241100x80000000000000003905580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.797cbca21c732f9a2022-01-11 12:18:23.334root 11241100x80000000000000003905581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3ff66700d9a1cd62022-01-11 12:18:23.334root 11241100x80000000000000003905582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3820eb98fc3bab592022-01-11 12:18:23.334root 11241100x80000000000000003905583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d62f0f309ecf4952022-01-11 12:18:23.335root 11241100x80000000000000003905584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f77727d13b9a25a2022-01-11 12:18:23.335root 11241100x80000000000000003905585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa9093bb0db933ef2022-01-11 12:18:23.335root 11241100x80000000000000003905586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95cdfc6bf31afec32022-01-11 12:18:23.335root 11241100x80000000000000003905587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62c532c7dc06f5902022-01-11 12:18:23.335root 11241100x80000000000000003905588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc436b64b7882d392022-01-11 12:18:23.335root 11241100x80000000000000003905589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9074841f6619f1a32022-01-11 12:18:23.335root 11241100x80000000000000003905590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3b8459e8532c70a2022-01-11 12:18:23.335root 11241100x80000000000000003905591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a171c952fbd271412022-01-11 12:18:23.335root 11241100x80000000000000003905592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a73c09a80d84edf82022-01-11 12:18:23.335root 11241100x80000000000000003905593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e807bc8a6eea4fd2022-01-11 12:18:23.335root 11241100x80000000000000003905594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5347ff6b492151d2022-01-11 12:18:23.336root 11241100x80000000000000003905595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cc1dcc849356b442022-01-11 12:18:23.336root 11241100x80000000000000003905596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad6e2dd38603dff62022-01-11 12:18:23.336root 11241100x80000000000000003905597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ea93e652e0ea6b12022-01-11 12:18:23.834root 11241100x80000000000000003905598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be7da126f466870b2022-01-11 12:18:23.834root 11241100x80000000000000003905599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0957041508beee8a2022-01-11 12:18:23.834root 11241100x80000000000000003905600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dd296f87c7cce482022-01-11 12:18:23.834root 11241100x80000000000000003905601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.932c3e5e5dbde9d32022-01-11 12:18:23.834root 11241100x80000000000000003905602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bca9f17b388b75ad2022-01-11 12:18:23.834root 11241100x80000000000000003905603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.565bd77e0427fdef2022-01-11 12:18:23.834root 11241100x80000000000000003905604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cfceca97ed9d0852022-01-11 12:18:23.834root 11241100x80000000000000003905605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d7e17741b19d5882022-01-11 12:18:23.834root 11241100x80000000000000003905606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d90924cf8df27d0a2022-01-11 12:18:23.835root 11241100x80000000000000003905607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60e9ad55eca4b0e02022-01-11 12:18:23.835root 11241100x80000000000000003905608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9459d48f6d26aa62022-01-11 12:18:23.835root 11241100x80000000000000003905609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fb32556fd46e0a82022-01-11 12:18:23.835root 11241100x80000000000000003905610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89922e5378e003812022-01-11 12:18:23.835root 11241100x80000000000000003905611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ee0db26fceaa6ab2022-01-11 12:18:23.835root 11241100x80000000000000003905612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06a7ad9ae431807b2022-01-11 12:18:23.836root 11241100x80000000000000003905613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c47de9f8603c2ee2022-01-11 12:18:23.836root 11241100x80000000000000003905614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0df0eccc382a1162022-01-11 12:18:23.836root 11241100x80000000000000003905615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.530be859107b16bb2022-01-11 12:18:23.836root 11241100x80000000000000003905616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c307154400538282022-01-11 12:18:23.836root 11241100x80000000000000003905617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db03ed68426cdce52022-01-11 12:18:23.836root 11241100x80000000000000003905618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66a2c0cbef5ff2352022-01-11 12:18:23.836root 354300x80000000000000003905619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.191{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56244-false10.0.1.12-8000- 11241100x80000000000000003905620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8079d8cdab95c71b2022-01-11 12:18:24.192root 11241100x80000000000000003905621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdf7ce96252cbe462022-01-11 12:18:24.192root 11241100x80000000000000003905622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57c5c115224e45762022-01-11 12:18:24.192root 11241100x80000000000000003905623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd8b8d9867bf0dd22022-01-11 12:18:24.192root 11241100x80000000000000003905624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.343b31df65b5d0d82022-01-11 12:18:24.192root 11241100x80000000000000003905625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8852aaf6047b9cb2022-01-11 12:18:24.192root 11241100x80000000000000003905626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4299cacd812756452022-01-11 12:18:24.192root 11241100x80000000000000003905627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48e87b6b57274bff2022-01-11 12:18:24.193root 11241100x80000000000000003905628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e583f1f31fb5419b2022-01-11 12:18:24.193root 11241100x80000000000000003905629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10a9c04b544216462022-01-11 12:18:24.193root 11241100x80000000000000003905630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7942eb9bc9acfe662022-01-11 12:18:24.193root 11241100x80000000000000003905631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f09603c6f8d619f2022-01-11 12:18:24.193root 11241100x80000000000000003905632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d96a15814763039e2022-01-11 12:18:24.193root 11241100x80000000000000003905633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.218284bae2ba98352022-01-11 12:18:24.194root 11241100x80000000000000003905634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d108bc5a84782e162022-01-11 12:18:24.194root 11241100x80000000000000003905635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb041059c7365a0b2022-01-11 12:18:24.194root 11241100x80000000000000003905636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11c4436833a966ad2022-01-11 12:18:24.194root 11241100x80000000000000003905637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee3d17fb5724b3452022-01-11 12:18:24.194root 11241100x80000000000000003905638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bcfb8728521601f2022-01-11 12:18:24.194root 11241100x80000000000000003905639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15f08f0df958bf4f2022-01-11 12:18:24.194root 11241100x80000000000000003905640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d495bbc718be50d2022-01-11 12:18:24.194root 11241100x80000000000000003905641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ebab2ebd85504da2022-01-11 12:18:24.194root 11241100x80000000000000003905642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50e2ec596d5914552022-01-11 12:18:24.194root 11241100x80000000000000003905643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a80bc15b7bed346b2022-01-11 12:18:24.194root 11241100x80000000000000003905644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ac8c347c800f2d12022-01-11 12:18:24.194root 11241100x80000000000000003905645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2665f7378572e342022-01-11 12:18:24.194root 11241100x80000000000000003905646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.195{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d5310d7dd562bb62022-01-11 12:18:24.195root 11241100x80000000000000003905647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.195{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39300a674b69d10b2022-01-11 12:18:24.195root 11241100x80000000000000003905648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20821beb1d9a134f2022-01-11 12:18:24.584root 11241100x80000000000000003905649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d17593e6b5ca57f2022-01-11 12:18:24.584root 11241100x80000000000000003905650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f4e869f17082cf12022-01-11 12:18:24.584root 11241100x80000000000000003905651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb75c3bb436f160e2022-01-11 12:18:24.584root 11241100x80000000000000003905652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d9685fbf4e554de2022-01-11 12:18:24.585root 11241100x80000000000000003905653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aab92ac2db9004c32022-01-11 12:18:24.585root 11241100x80000000000000003905654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea13d948c1b1ef852022-01-11 12:18:24.585root 11241100x80000000000000003905655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dfff6661ac13c702022-01-11 12:18:24.585root 11241100x80000000000000003905656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88859e654897e77d2022-01-11 12:18:24.585root 11241100x80000000000000003905657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5872d231fb26fec2022-01-11 12:18:24.585root 11241100x80000000000000003905658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e25866ab03d59c322022-01-11 12:18:24.585root 11241100x80000000000000003905659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad302540d133a6b62022-01-11 12:18:24.585root 11241100x80000000000000003905660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a67b6e8247621d8d2022-01-11 12:18:24.585root 11241100x80000000000000003905661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc517748cb3b10a32022-01-11 12:18:24.585root 11241100x80000000000000003905662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18f9dc4685043a2b2022-01-11 12:18:24.586root 11241100x80000000000000003905663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4471a43630c4f7fd2022-01-11 12:18:24.586root 11241100x80000000000000003905664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b5ba7aa5375c5ee2022-01-11 12:18:24.586root 11241100x80000000000000003905665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19c95c5aa0ebf8b62022-01-11 12:18:24.586root 11241100x80000000000000003905666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76940c475db2db9a2022-01-11 12:18:24.586root 11241100x80000000000000003905667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44b7a09b061373a82022-01-11 12:18:24.586root 11241100x80000000000000003905668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a02ae427fdee97342022-01-11 12:18:24.586root 11241100x80000000000000003905669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50ab1d117f5599362022-01-11 12:18:24.586root 11241100x80000000000000003905670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cf4f35c68dfefc12022-01-11 12:18:24.586root 11241100x80000000000000003905671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.896{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:18:24.896root 11241100x80000000000000003905672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.951c9e169b9a4e8b2022-01-11 12:18:24.897root 11241100x80000000000000003905673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a91fc48bfdcc12e2022-01-11 12:18:24.897root 11241100x80000000000000003905674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bff53d9ee0c7f432022-01-11 12:18:24.897root 11241100x80000000000000003905675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4af7e72e1dc685862022-01-11 12:18:24.897root 11241100x80000000000000003905676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f3db165c71168b02022-01-11 12:18:24.897root 11241100x80000000000000003905677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66e66383da5cbb882022-01-11 12:18:24.897root 11241100x80000000000000003905678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96a4eb920f634b882022-01-11 12:18:24.897root 11241100x80000000000000003905679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02c799bd13e6f27f2022-01-11 12:18:24.897root 11241100x80000000000000003905680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a9739a63cfecc4d2022-01-11 12:18:24.897root 11241100x80000000000000003905681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d9ce3755823992e2022-01-11 12:18:24.897root 11241100x80000000000000003905682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80624cde4c24fc6b2022-01-11 12:18:24.897root 11241100x80000000000000003905683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5aa793b417ba5462022-01-11 12:18:24.897root 11241100x80000000000000003905684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68640ae69d22f24e2022-01-11 12:18:24.898root 11241100x80000000000000003905685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.678174b5985d92522022-01-11 12:18:24.898root 11241100x80000000000000003905686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e05e8c6b520b95e2022-01-11 12:18:24.898root 11241100x80000000000000003905687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.124160771e224f592022-01-11 12:18:24.898root 11241100x80000000000000003905688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3698ac043d613f022022-01-11 12:18:24.898root 11241100x80000000000000003905689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10f40a4a62c31f4f2022-01-11 12:18:24.898root 11241100x80000000000000003905690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25fede11cc3f52252022-01-11 12:18:24.898root 11241100x80000000000000003905691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c048ac08d4d8f22a2022-01-11 12:18:24.898root 11241100x80000000000000003905692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8ec34e7a329d3132022-01-11 12:18:24.898root 11241100x80000000000000003905693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0f04d47019f184a2022-01-11 12:18:24.898root 11241100x80000000000000003905694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e87077afbced6e2a2022-01-11 12:18:24.899root 11241100x80000000000000003905695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.198291967294bad42022-01-11 12:18:24.899root 11241100x80000000000000003905696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c79e5126ae2b41f2022-01-11 12:18:24.899root 11241100x80000000000000003905697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3809cdaf3fe37bdb2022-01-11 12:18:24.899root 11241100x80000000000000003905698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9ab143ea04b741e2022-01-11 12:18:24.899root 354300x80000000000000003905699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.942{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.25-34178-false10.0.1.12-8089- 11241100x80000000000000003905700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06eefd92ee2415992022-01-11 12:18:25.333root 11241100x80000000000000003905701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6abc7403349295d2022-01-11 12:18:25.333root 11241100x80000000000000003905702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.083a32cfd82aed8d2022-01-11 12:18:25.334root 11241100x80000000000000003905703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c70366440716eed2022-01-11 12:18:25.334root 11241100x80000000000000003905704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.492c9e7532d09a8a2022-01-11 12:18:25.334root 11241100x80000000000000003905705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d5b34c5dd88f7cf2022-01-11 12:18:25.334root 11241100x80000000000000003905706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25dbf1804fb66bd92022-01-11 12:18:25.334root 11241100x80000000000000003905707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f79f80cafdb1b1972022-01-11 12:18:25.334root 11241100x80000000000000003905708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c6b89c04b655ed02022-01-11 12:18:25.335root 11241100x80000000000000003905709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3714d39a5b03a31d2022-01-11 12:18:25.335root 11241100x80000000000000003905710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a739b320f2d84742022-01-11 12:18:25.335root 11241100x80000000000000003905711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4711bc6bacc1d1d02022-01-11 12:18:25.335root 11241100x80000000000000003905712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.102050e496aa60bd2022-01-11 12:18:25.335root 11241100x80000000000000003905713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d6de4b500b4ae02022-01-11 12:18:25.335root 11241100x80000000000000003905714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.775715bde03c73022022-01-11 12:18:25.335root 11241100x80000000000000003905715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8a635627e86d8be2022-01-11 12:18:25.335root 11241100x80000000000000003905716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8440d6352a1b84932022-01-11 12:18:25.336root 11241100x80000000000000003905717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.381fc4f37d0a31332022-01-11 12:18:25.336root 11241100x80000000000000003905718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d21f757d3fc52722022-01-11 12:18:25.336root 11241100x80000000000000003905719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f875c49631cab462022-01-11 12:18:25.336root 11241100x80000000000000003905720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c52d38006036062022-01-11 12:18:25.336root 11241100x80000000000000003905721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc747aba3666d1f32022-01-11 12:18:25.336root 11241100x80000000000000003905722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4d11844ff1d2e2b2022-01-11 12:18:25.336root 11241100x80000000000000003905723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b352e63b46f1ce992022-01-11 12:18:25.336root 11241100x80000000000000003905724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9624e97e5233ff5c2022-01-11 12:18:25.336root 11241100x80000000000000003905725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00dce7b0678e1de02022-01-11 12:18:25.833root 11241100x80000000000000003905726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ba1e59c6eb749302022-01-11 12:18:25.833root 11241100x80000000000000003905727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69eec3015c175e1e2022-01-11 12:18:25.834root 11241100x80000000000000003905728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1ba66148c46db592022-01-11 12:18:25.834root 11241100x80000000000000003905729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d86519c2864be7a2022-01-11 12:18:25.834root 11241100x80000000000000003905730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95cab08581cd42dc2022-01-11 12:18:25.835root 11241100x80000000000000003905731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc4807412a16da4f2022-01-11 12:18:25.835root 11241100x80000000000000003905732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ccc690921f5409e2022-01-11 12:18:25.835root 11241100x80000000000000003905733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bb982edf32de5e52022-01-11 12:18:25.835root 11241100x80000000000000003905734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef3819c028c841442022-01-11 12:18:25.835root 11241100x80000000000000003905735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94279a79ebd32f9e2022-01-11 12:18:25.835root 11241100x80000000000000003905736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c01670231d7535bc2022-01-11 12:18:25.835root 11241100x80000000000000003905737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1c2523498aeb7c92022-01-11 12:18:25.835root 11241100x80000000000000003905738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.868766cf6a048d262022-01-11 12:18:25.835root 11241100x80000000000000003905739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb31a68382977ab82022-01-11 12:18:25.835root 11241100x80000000000000003905740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48e74d67f821816c2022-01-11 12:18:25.836root 11241100x80000000000000003905741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8834ce60d64cbd332022-01-11 12:18:25.836root 11241100x80000000000000003905742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.743539803464cf912022-01-11 12:18:25.836root 11241100x80000000000000003905743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24b61edc5a89da102022-01-11 12:18:25.836root 11241100x80000000000000003905744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93656c7304173ccf2022-01-11 12:18:25.836root 11241100x80000000000000003905745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0defb93938410502022-01-11 12:18:25.836root 11241100x80000000000000003905746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02f91db09e16e7dd2022-01-11 12:18:25.836root 11241100x80000000000000003905747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69946a7061c4c4ba2022-01-11 12:18:25.836root 11241100x80000000000000003905748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0809f834f340df72022-01-11 12:18:25.836root 11241100x80000000000000003905749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9736d51f986db7bd2022-01-11 12:18:25.836root 11241100x80000000000000003905750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c5d1cd4ce11bfe22022-01-11 12:18:25.836root 11241100x80000000000000003905751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36e41e7a72ca763c2022-01-11 12:18:25.836root 11241100x80000000000000003905752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53f81e942ff9bb5e2022-01-11 12:18:25.836root 11241100x80000000000000003905753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35429f6dddd4162a2022-01-11 12:18:25.836root 11241100x80000000000000003905754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2291900edf829f052022-01-11 12:18:26.333root 11241100x80000000000000003905755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d05b9c5de7afacb2022-01-11 12:18:26.333root 11241100x80000000000000003905756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bffc5ae752eb0832022-01-11 12:18:26.333root 11241100x80000000000000003905757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fad2184bd337e092022-01-11 12:18:26.334root 11241100x80000000000000003905758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69e8603a1aae62792022-01-11 12:18:26.334root 11241100x80000000000000003905759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0892f6a76490d6922022-01-11 12:18:26.334root 11241100x80000000000000003905760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.023e29be4b289d1d2022-01-11 12:18:26.334root 11241100x80000000000000003905761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94150ee1efa8bfeb2022-01-11 12:18:26.334root 11241100x80000000000000003905762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dd1c052d56de11e2022-01-11 12:18:26.334root 11241100x80000000000000003905763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4f499ac7b14b6602022-01-11 12:18:26.334root 11241100x80000000000000003905764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8437962668d40d822022-01-11 12:18:26.334root 11241100x80000000000000003905765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.752d23ab111cc6122022-01-11 12:18:26.334root 11241100x80000000000000003905766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f4b781bdc6adab22022-01-11 12:18:26.334root 11241100x80000000000000003905767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cab0f3cd89a4e802022-01-11 12:18:26.334root 11241100x80000000000000003905768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3147e89a019d7e8d2022-01-11 12:18:26.334root 11241100x80000000000000003905769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8ef815e3d570cdf2022-01-11 12:18:26.334root 11241100x80000000000000003905770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b56c6afb332bef82022-01-11 12:18:26.335root 11241100x80000000000000003905771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f1fac6917a7fdbf2022-01-11 12:18:26.335root 11241100x80000000000000003905772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b51de4a410c5b3bd2022-01-11 12:18:26.335root 11241100x80000000000000003905773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b46495b8b7f897e2022-01-11 12:18:26.335root 11241100x80000000000000003905774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90942a6a9f8ca09f2022-01-11 12:18:26.335root 11241100x80000000000000003905775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8beee67027c629c2022-01-11 12:18:26.335root 11241100x80000000000000003905776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe67bb35ba92a78e2022-01-11 12:18:26.335root 11241100x80000000000000003905777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31783b150710c0262022-01-11 12:18:26.335root 11241100x80000000000000003905778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00cd5ddfb5b5f4fe2022-01-11 12:18:26.335root 11241100x80000000000000003905779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7eaaf0e3367f69f2022-01-11 12:18:26.833root 11241100x80000000000000003905780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69755f30a5d57fe72022-01-11 12:18:26.833root 11241100x80000000000000003905781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e359e1c37898ef802022-01-11 12:18:26.833root 11241100x80000000000000003905782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb73db00b6ba56d62022-01-11 12:18:26.833root 11241100x80000000000000003905783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef6668db5e4c98fc2022-01-11 12:18:26.834root 11241100x80000000000000003905784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4571907d332116ef2022-01-11 12:18:26.834root 11241100x80000000000000003905785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.883c464dc14899c22022-01-11 12:18:26.834root 11241100x80000000000000003905786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ac601feecaaa6fa2022-01-11 12:18:26.834root 11241100x80000000000000003905787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2051e6c6c1414fa52022-01-11 12:18:26.834root 11241100x80000000000000003905788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dac72ed833865f692022-01-11 12:18:26.834root 11241100x80000000000000003905789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.894a08fefc3e3ec92022-01-11 12:18:26.834root 11241100x80000000000000003905790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3424241acd59eae72022-01-11 12:18:26.834root 11241100x80000000000000003905791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.145c02a41e4d1d352022-01-11 12:18:26.834root 11241100x80000000000000003905792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c572d6ba60933bef2022-01-11 12:18:26.834root 11241100x80000000000000003905793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18343cdf8f44c91d2022-01-11 12:18:26.835root 11241100x80000000000000003905794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.975442608737846d2022-01-11 12:18:26.835root 11241100x80000000000000003905795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28f5da404ff963152022-01-11 12:18:26.835root 11241100x80000000000000003905796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac56853785b6d9d22022-01-11 12:18:26.835root 11241100x80000000000000003905797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.576412e593a88caf2022-01-11 12:18:26.835root 11241100x80000000000000003905798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdee9faaf088a20c2022-01-11 12:18:26.835root 11241100x80000000000000003905799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.981868eabe3721662022-01-11 12:18:26.835root 11241100x80000000000000003905800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c51982d0c51e97a2022-01-11 12:18:26.835root 11241100x80000000000000003905801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e81dfaf0a72122aa2022-01-11 12:18:26.835root 11241100x80000000000000003905802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21e3862d1231cceb2022-01-11 12:18:26.836root 11241100x80000000000000003905803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef59ffcd710c83d72022-01-11 12:18:26.836root 11241100x80000000000000003905804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb8265a65cea52ad2022-01-11 12:18:26.836root 11241100x80000000000000003905805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76d40639233495e62022-01-11 12:18:26.836root 11241100x80000000000000003905806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5c4c211773674b92022-01-11 12:18:26.836root 11241100x80000000000000003905807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.792026432db871912022-01-11 12:18:26.836root 11241100x80000000000000003905808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce59e5ea57a82d732022-01-11 12:18:26.836root 11241100x80000000000000003905809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62bf533801cb6ba02022-01-11 12:18:26.836root 11241100x80000000000000003905810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1939724033ab3d62022-01-11 12:18:26.836root 11241100x80000000000000003905811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5eef4830d9223c582022-01-11 12:18:26.836root 11241100x80000000000000003905812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1eb534483dcc64612022-01-11 12:18:26.837root 11241100x80000000000000003905813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68f357b92a04c3302022-01-11 12:18:26.837root 11241100x80000000000000003905814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e597d08dd0c097e2022-01-11 12:18:26.837root 11241100x80000000000000003905815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d139740b78f1d5ed2022-01-11 12:18:26.837root 11241100x80000000000000003905816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bb6daae1b4237232022-01-11 12:18:26.837root 11241100x80000000000000003905817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e657713dc257ad112022-01-11 12:18:26.837root 11241100x80000000000000003905818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d24a612489135d02022-01-11 12:18:26.837root 11241100x80000000000000003905819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09da2e59e9d1ff362022-01-11 12:18:26.837root 11241100x80000000000000003905820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3c253c399104fd52022-01-11 12:18:26.837root 11241100x80000000000000003905821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df4ae991852dcfda2022-01-11 12:18:26.837root 11241100x80000000000000003905822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14446732d9302a1b2022-01-11 12:18:26.837root 11241100x80000000000000003905823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e329cde8054ea702022-01-11 12:18:26.837root 11241100x80000000000000003905824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eda0bf12681a35d42022-01-11 12:18:26.837root 11241100x80000000000000003905825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.025041f17dd34ba52022-01-11 12:18:26.837root 11241100x80000000000000003905826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a86da09a8f7d5892022-01-11 12:18:26.837root 11241100x80000000000000003905827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7721e6c88ef7aac2022-01-11 12:18:26.837root 11241100x80000000000000003905828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e476a0c15d389ac92022-01-11 12:18:26.838root 11241100x80000000000000003905829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7633963dda6206a2022-01-11 12:18:26.838root 11241100x80000000000000003905830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40f6304746900b252022-01-11 12:18:26.839root 11241100x80000000000000003905831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e1c0c737a6e73822022-01-11 12:18:26.839root 11241100x80000000000000003905832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac737741cb4f69522022-01-11 12:18:26.839root 11241100x80000000000000003905833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71d728a548eb473d2022-01-11 12:18:26.839root 11241100x80000000000000003905834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b2eb51908b42b3d2022-01-11 12:18:26.839root 11241100x80000000000000003905835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a171b2f52a984b22022-01-11 12:18:26.839root 11241100x80000000000000003905836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6f29700034db86f2022-01-11 12:18:26.840root 11241100x80000000000000003905837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18c41e03b961e4512022-01-11 12:18:26.841root 11241100x80000000000000003905838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd6f3ca24e0822c72022-01-11 12:18:26.842root 11241100x80000000000000003905839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8e7770519f3e8da2022-01-11 12:18:26.842root 11241100x80000000000000003905840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.814792c65b01ef982022-01-11 12:18:26.842root 11241100x80000000000000003905841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd569a97ebb5b03f2022-01-11 12:18:26.843root 11241100x80000000000000003905842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.798b8a08cbe44bb82022-01-11 12:18:26.843root 11241100x80000000000000003905843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bd5f45ea50b091b2022-01-11 12:18:26.843root 11241100x80000000000000003905844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8aaa589fd86cdb852022-01-11 12:18:26.843root 11241100x80000000000000003905845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.049eb024f93b11dd2022-01-11 12:18:26.843root 11241100x80000000000000003905846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.135b0904ba59a75d2022-01-11 12:18:26.843root 11241100x80000000000000003905847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d2a82ed8ad2aca62022-01-11 12:18:26.843root 11241100x80000000000000003905848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ceba6095d922808e2022-01-11 12:18:26.843root 11241100x80000000000000003905849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8e3cbb39e9226d52022-01-11 12:18:26.844root 11241100x80000000000000003905850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc421293c3b9e8fc2022-01-11 12:18:26.844root 11241100x80000000000000003905851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6236dbfce02151972022-01-11 12:18:26.844root 11241100x80000000000000003905852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfd651ed116370bc2022-01-11 12:18:26.844root 11241100x80000000000000003905853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7eb9fb14f8fc4f1e2022-01-11 12:18:26.844root 11241100x80000000000000003905854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffaf124913bb806c2022-01-11 12:18:26.844root 11241100x80000000000000003905855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a95bb721c054a5b2022-01-11 12:18:26.844root 11241100x80000000000000003905856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37ecfe4d2444d85d2022-01-11 12:18:26.844root 11241100x80000000000000003905857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b53372d2b9c07ea2022-01-11 12:18:26.844root 11241100x80000000000000003905858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4dcf4778f5cdab92022-01-11 12:18:26.844root 11241100x80000000000000003905859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a881be9317cf58f82022-01-11 12:18:26.844root 11241100x80000000000000003905860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3368e232ed4c91932022-01-11 12:18:26.845root 11241100x80000000000000003905861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5954cb33f79a62f22022-01-11 12:18:26.845root 11241100x80000000000000003905862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59e693f6e256a77a2022-01-11 12:18:26.845root 11241100x80000000000000003905863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c10e35b73f614ec22022-01-11 12:18:26.845root 11241100x80000000000000003905864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c184c1dc0a2960f32022-01-11 12:18:26.845root 11241100x80000000000000003905865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85c4b74e3fb1d9982022-01-11 12:18:26.845root 11241100x80000000000000003905866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3610d5378d175592022-01-11 12:18:26.845root 11241100x80000000000000003905867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e4e32a0e85306042022-01-11 12:18:26.846root 11241100x80000000000000003905868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.453be24aaf7d5e6b2022-01-11 12:18:26.846root 11241100x80000000000000003905869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f248072b40adb00f2022-01-11 12:18:26.846root 11241100x80000000000000003905870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ce627af12a787a02022-01-11 12:18:26.846root 11241100x80000000000000003905871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50591956e988f5c42022-01-11 12:18:26.846root 11241100x80000000000000003905872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.848{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8f8fc0ba8d09ffe2022-01-11 12:18:26.848root 11241100x80000000000000003905873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.848{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c62a438bf69627782022-01-11 12:18:26.848root 11241100x80000000000000003905874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.849{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442c90812c985a182022-01-11 12:18:26.849root 11241100x80000000000000003905875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d70f9efc9b4717e52022-01-11 12:18:27.334root 11241100x80000000000000003905876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a67546b66cb12fa42022-01-11 12:18:27.334root 11241100x80000000000000003905877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8001c19990d70162022-01-11 12:18:27.334root 11241100x80000000000000003905878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.228a1cb9f09b3d4c2022-01-11 12:18:27.334root 11241100x80000000000000003905879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5adf30a8c30b8ad02022-01-11 12:18:27.335root 11241100x80000000000000003905880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f87442c3557e85b2022-01-11 12:18:27.335root 11241100x80000000000000003905881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df580367aed655ff2022-01-11 12:18:27.335root 11241100x80000000000000003905882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21c6ba0839cf32bf2022-01-11 12:18:27.335root 11241100x80000000000000003905883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12f6f962a222fda12022-01-11 12:18:27.335root 11241100x80000000000000003905884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ccd11a51a3a5baf2022-01-11 12:18:27.335root 11241100x80000000000000003905885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f57b729922e27162022-01-11 12:18:27.335root 11241100x80000000000000003905886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.901afd878ab17d622022-01-11 12:18:27.335root 11241100x80000000000000003905887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.250164f0b5f18faa2022-01-11 12:18:27.335root 11241100x80000000000000003905888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a9c952400c0545f2022-01-11 12:18:27.335root 11241100x80000000000000003905889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffbe3c6e149fb9d32022-01-11 12:18:27.335root 11241100x80000000000000003905890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2688a611e8eb1fd2022-01-11 12:18:27.336root 11241100x80000000000000003905891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52cd3cbbf76136a72022-01-11 12:18:27.336root 11241100x80000000000000003905892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccfb863909a95e672022-01-11 12:18:27.336root 11241100x80000000000000003905893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3520767a4ded7fb32022-01-11 12:18:27.336root 11241100x80000000000000003905894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ce4cbc93130f4f82022-01-11 12:18:27.336root 11241100x80000000000000003905895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47ec62eaaa0cbef52022-01-11 12:18:27.336root 11241100x80000000000000003905896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62eb51fa7a92289a2022-01-11 12:18:27.336root 11241100x80000000000000003905897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eb212b919d9e3632022-01-11 12:18:27.336root 11241100x80000000000000003905898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26ce7edf1841481f2022-01-11 12:18:27.336root 11241100x80000000000000003905899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d7d3e97eed696072022-01-11 12:18:27.337root 11241100x80000000000000003905900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e04dc48da8fdc5b2022-01-11 12:18:27.834root 11241100x80000000000000003905901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a76a88a74dd61032022-01-11 12:18:27.834root 11241100x80000000000000003905902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b423e38f37ed1cb2022-01-11 12:18:27.834root 11241100x80000000000000003905903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45957968ff02a7e92022-01-11 12:18:27.834root 11241100x80000000000000003905904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db060179fbc322542022-01-11 12:18:27.834root 11241100x80000000000000003905905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68c22d82b0e263a12022-01-11 12:18:27.834root 11241100x80000000000000003905906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.840b518402b0f17f2022-01-11 12:18:27.835root 11241100x80000000000000003905907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14a764e489dcbf0e2022-01-11 12:18:27.835root 11241100x80000000000000003905908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bf3b5da9168906d2022-01-11 12:18:27.835root 11241100x80000000000000003905909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7c74518afe95fc92022-01-11 12:18:27.835root 11241100x80000000000000003905910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d719cf9497f2f0a2022-01-11 12:18:27.835root 11241100x80000000000000003905911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7129cc92f25c39d22022-01-11 12:18:27.835root 11241100x80000000000000003905912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4d3c4a211213be22022-01-11 12:18:27.835root 11241100x80000000000000003905913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e270fc3425afcd512022-01-11 12:18:27.835root 11241100x80000000000000003905914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34e82bbbd2825f572022-01-11 12:18:27.836root 11241100x80000000000000003905915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb50090e388e2ef72022-01-11 12:18:27.836root 11241100x80000000000000003905916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4318390382d641f22022-01-11 12:18:27.836root 11241100x80000000000000003905917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff88fe7d10555e4c2022-01-11 12:18:27.836root 11241100x80000000000000003905918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90724972f24b6e192022-01-11 12:18:27.836root 11241100x80000000000000003905919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34c3f6aaba7e45d62022-01-11 12:18:27.836root 11241100x80000000000000003905920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84b3f0bbe9c610dc2022-01-11 12:18:27.837root 11241100x80000000000000003905921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b41245eccc885932022-01-11 12:18:27.837root 11241100x80000000000000003905922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f74c483fafdcf5b12022-01-11 12:18:27.837root 11241100x80000000000000003905923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd1d005daf7586fc2022-01-11 12:18:27.837root 11241100x80000000000000003905924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b66f0a9e80b3878c2022-01-11 12:18:27.837root 23542300x80000000000000003905925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.897{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003905926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bd416cb36ca741e2022-01-11 12:18:28.333root 11241100x80000000000000003905927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.709bcafbd28889ca2022-01-11 12:18:28.333root 11241100x80000000000000003905928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6eb52c8094b74b4b2022-01-11 12:18:28.334root 11241100x80000000000000003905929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.654dd760aef6b86b2022-01-11 12:18:28.334root 11241100x80000000000000003905930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6ad81d92a844f842022-01-11 12:18:28.334root 11241100x80000000000000003905931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3707b7282d2c9532022-01-11 12:18:28.334root 11241100x80000000000000003905932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fe459477374e04c2022-01-11 12:18:28.334root 11241100x80000000000000003905933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2ce6231d04de0f22022-01-11 12:18:28.334root 11241100x80000000000000003905934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a6099b2a6ba9bcc2022-01-11 12:18:28.334root 11241100x80000000000000003905935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98cb385c21104a012022-01-11 12:18:28.334root 11241100x80000000000000003905936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b7f6b6f7e17898b2022-01-11 12:18:28.334root 11241100x80000000000000003905937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9666e1935d7d40702022-01-11 12:18:28.334root 11241100x80000000000000003905938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4015137c0b2f3d62022-01-11 12:18:28.335root 11241100x80000000000000003905939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37da30d9e829f47b2022-01-11 12:18:28.335root 11241100x80000000000000003905940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.007f85a95e108d662022-01-11 12:18:28.335root 11241100x80000000000000003905941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f3f7d5af1fad4d42022-01-11 12:18:28.335root 11241100x80000000000000003905942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d32c9d2b9d7051a82022-01-11 12:18:28.335root 11241100x80000000000000003905943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cb057074976184f2022-01-11 12:18:28.335root 11241100x80000000000000003905944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65f774814e7de8ba2022-01-11 12:18:28.335root 11241100x80000000000000003905945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f17ee1c9f07f64f42022-01-11 12:18:28.335root 11241100x80000000000000003905946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.263eaaf05c5007c12022-01-11 12:18:28.335root 11241100x80000000000000003905947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ee3b1d4fae594b32022-01-11 12:18:28.335root 11241100x80000000000000003905948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfeace78472b51332022-01-11 12:18:28.335root 11241100x80000000000000003905949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b43f6453cb3d89b62022-01-11 12:18:28.335root 11241100x80000000000000003905950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5335800d1a7d59672022-01-11 12:18:28.335root 11241100x80000000000000003905951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95288a0e34ead7ae2022-01-11 12:18:28.335root 11241100x80000000000000003905952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d662395a03552b642022-01-11 12:18:28.335root 11241100x80000000000000003905953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78e5bc66953508d82022-01-11 12:18:28.336root 11241100x80000000000000003905954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.677871cc3795cf682022-01-11 12:18:28.336root 11241100x80000000000000003905955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e88c9b67405a565d2022-01-11 12:18:28.336root 11241100x80000000000000003905956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af8d58820ce545712022-01-11 12:18:28.336root 11241100x80000000000000003905957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.450338cfd3e024d02022-01-11 12:18:28.336root 11241100x80000000000000003905958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.281d62e2fd6b24462022-01-11 12:18:28.336root 11241100x80000000000000003905959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.873a9bf01de82c3a2022-01-11 12:18:28.834root 11241100x80000000000000003905960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeabbb384218c0e22022-01-11 12:18:28.834root 11241100x80000000000000003905961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c3e74c9fa2fdcff2022-01-11 12:18:28.834root 11241100x80000000000000003905962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ee81397991332e52022-01-11 12:18:28.834root 11241100x80000000000000003905963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb714f0122b0cc662022-01-11 12:18:28.834root 11241100x80000000000000003905964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70c38ac4db189a8f2022-01-11 12:18:28.834root 11241100x80000000000000003905965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23d813a4acb933fd2022-01-11 12:18:28.834root 11241100x80000000000000003905966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6323056d4b0b6402022-01-11 12:18:28.834root 11241100x80000000000000003905967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a498db1a69e8d3732022-01-11 12:18:28.834root 11241100x80000000000000003905968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d908f32ef6b152192022-01-11 12:18:28.834root 11241100x80000000000000003905969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b159a52514188c32022-01-11 12:18:28.835root 11241100x80000000000000003905970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5e7c0c96528a7942022-01-11 12:18:28.835root 11241100x80000000000000003905971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a5dbf836a4cdbff2022-01-11 12:18:28.835root 11241100x80000000000000003905972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1828c8602ea8bb782022-01-11 12:18:28.835root 11241100x80000000000000003905973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91a69d79863593292022-01-11 12:18:28.835root 11241100x80000000000000003905974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0813f95cec8b2d52022-01-11 12:18:28.835root 11241100x80000000000000003905975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea38b0958def67252022-01-11 12:18:28.835root 11241100x80000000000000003905976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8aefff029f17027a2022-01-11 12:18:28.835root 11241100x80000000000000003905977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.327b27c1cab23d4e2022-01-11 12:18:28.835root 11241100x80000000000000003905978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cee38e0067829292022-01-11 12:18:28.835root 11241100x80000000000000003905979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d945f396024e67cc2022-01-11 12:18:28.835root 11241100x80000000000000003905980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.995514fca6ebce3b2022-01-11 12:18:28.835root 11241100x80000000000000003905981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d62adde43696c092022-01-11 12:18:28.835root 11241100x80000000000000003905982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f79c23719cebec72022-01-11 12:18:28.835root 11241100x80000000000000003905983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20fa9b29ca3373c52022-01-11 12:18:28.836root 11241100x80000000000000003905984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61838565bb9223da2022-01-11 12:18:28.836root 11241100x80000000000000003905985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0a1e44cc38b0b8a2022-01-11 12:18:29.334root 11241100x80000000000000003905986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb73946164e85c8a2022-01-11 12:18:29.334root 11241100x80000000000000003905987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c8e4d4ed7fcdc4d2022-01-11 12:18:29.334root 11241100x80000000000000003905988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d29d4ce3bc42175f2022-01-11 12:18:29.334root 11241100x80000000000000003905989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35ace4179ecdd2ad2022-01-11 12:18:29.335root 11241100x80000000000000003905990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25fcfc8e878434082022-01-11 12:18:29.335root 11241100x80000000000000003905991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f11cd3b63fcf0fa2022-01-11 12:18:29.335root 11241100x80000000000000003905992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4be7632fe317bef72022-01-11 12:18:29.335root 11241100x80000000000000003905993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bba84ca7d879beca2022-01-11 12:18:29.335root 11241100x80000000000000003905994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8d044b075fbd8122022-01-11 12:18:29.335root 11241100x80000000000000003905995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0deeb56d777c78d42022-01-11 12:18:29.335root 11241100x80000000000000003905996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9a4b1b4915abafb2022-01-11 12:18:29.335root 11241100x80000000000000003905997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da1734827074dd132022-01-11 12:18:29.335root 11241100x80000000000000003905998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e25827214d9120b12022-01-11 12:18:29.336root 11241100x80000000000000003905999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef6e2a0aab81bfd22022-01-11 12:18:29.336root 11241100x80000000000000003906000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddcc8a1c6792d8592022-01-11 12:18:29.336root 11241100x80000000000000003906001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.244925fed9e8d78a2022-01-11 12:18:29.336root 11241100x80000000000000003906002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.379271f95eb5a07b2022-01-11 12:18:29.336root 11241100x80000000000000003906003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d009dd07c2d3e6e22022-01-11 12:18:29.336root 11241100x80000000000000003906004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45a7030a0863d9df2022-01-11 12:18:29.336root 11241100x80000000000000003906005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4b47804d1a395462022-01-11 12:18:29.336root 11241100x80000000000000003906006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f862c087bdd47062022-01-11 12:18:29.336root 11241100x80000000000000003906007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6529ca465ce6f2a2022-01-11 12:18:29.336root 11241100x80000000000000003906008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e90043e4eefbeec2022-01-11 12:18:29.337root 11241100x80000000000000003906009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02b6c229303124fc2022-01-11 12:18:29.337root 11241100x80000000000000003906010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f3ff1f404e66e162022-01-11 12:18:29.337root 11241100x80000000000000003906011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd6f0007d547b05e2022-01-11 12:18:29.833root 11241100x80000000000000003906012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89e3f2fda5f535602022-01-11 12:18:29.834root 11241100x80000000000000003906013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.424a9676c426e99d2022-01-11 12:18:29.834root 11241100x80000000000000003906014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b1f96be86ea2a102022-01-11 12:18:29.834root 11241100x80000000000000003906015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fdb75fbb0898b5d2022-01-11 12:18:29.834root 11241100x80000000000000003906016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4008f7c7b7571e162022-01-11 12:18:29.834root 11241100x80000000000000003906017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d833650e6da706f2022-01-11 12:18:29.834root 11241100x80000000000000003906018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.143c8f20d2c952072022-01-11 12:18:29.834root 11241100x80000000000000003906019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2884306f217f40e2022-01-11 12:18:29.834root 11241100x80000000000000003906020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7562fdb077f93d892022-01-11 12:18:29.834root 11241100x80000000000000003906021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd14d45c136c078f2022-01-11 12:18:29.835root 11241100x80000000000000003906022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e596bcb5ab8edb32022-01-11 12:18:29.835root 11241100x80000000000000003906023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3277f2c8f4b994992022-01-11 12:18:29.835root 11241100x80000000000000003906024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d20d841dfc5a645f2022-01-11 12:18:29.835root 11241100x80000000000000003906025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73f99564494f791d2022-01-11 12:18:29.835root 11241100x80000000000000003906026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bb74ed1476fc5ec2022-01-11 12:18:29.835root 11241100x80000000000000003906027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.016e9d3ea3544d662022-01-11 12:18:29.835root 11241100x80000000000000003906028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ac076daed7a7b9e2022-01-11 12:18:29.835root 11241100x80000000000000003906029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ed0b0e8d3874f1a2022-01-11 12:18:29.835root 11241100x80000000000000003906030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cd43a4d8fc6b4b62022-01-11 12:18:29.835root 11241100x80000000000000003906031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.420efa0da4ff722a2022-01-11 12:18:29.835root 11241100x80000000000000003906032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c24ad63afedef6352022-01-11 12:18:29.835root 11241100x80000000000000003906033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e2a3a5a094838ea2022-01-11 12:18:29.835root 11241100x80000000000000003906034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aea5a3e2efaeca752022-01-11 12:18:29.835root 11241100x80000000000000003906035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.456e4bcf92d81d9e2022-01-11 12:18:29.836root 11241100x80000000000000003906036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88c685ab2375d3a12022-01-11 12:18:29.836root 11241100x80000000000000003906037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89ad57a4397be19c2022-01-11 12:18:29.836root 11241100x80000000000000003906038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.776f9562c0527c4d2022-01-11 12:18:29.836root 354300x80000000000000003906039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.059{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56248-false10.0.1.12-8000- 11241100x80000000000000003906040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79950a8a9e5669852022-01-11 12:18:30.334root 11241100x80000000000000003906041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e0ad5fd4dbd185c2022-01-11 12:18:30.334root 11241100x80000000000000003906042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.782e4e0b4bc8b3532022-01-11 12:18:30.334root 11241100x80000000000000003906043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0f3bfed296c83be2022-01-11 12:18:30.334root 11241100x80000000000000003906044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96519ca5b0d72bb22022-01-11 12:18:30.334root 11241100x80000000000000003906045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b43b7693a2db5e6d2022-01-11 12:18:30.334root 11241100x80000000000000003906046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49cadad2bb18f2722022-01-11 12:18:30.334root 11241100x80000000000000003906047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ff911b124b9ea7d2022-01-11 12:18:30.335root 11241100x80000000000000003906048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25a464ac47c50b4d2022-01-11 12:18:30.335root 11241100x80000000000000003906049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bcacd1189fb3d742022-01-11 12:18:30.335root 11241100x80000000000000003906050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03394624adcf15a82022-01-11 12:18:30.335root 11241100x80000000000000003906051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.219a9d6e826655712022-01-11 12:18:30.335root 11241100x80000000000000003906052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0aa8bb954b61e862022-01-11 12:18:30.335root 11241100x80000000000000003906053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d231af2030ba4e9b2022-01-11 12:18:30.335root 11241100x80000000000000003906054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca7f57a747e76bcc2022-01-11 12:18:30.335root 11241100x80000000000000003906055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1075b15e65cc15d52022-01-11 12:18:30.335root 11241100x80000000000000003906056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e72671f474cb55a2022-01-11 12:18:30.335root 11241100x80000000000000003906057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cfa9ab4b3e4f4f32022-01-11 12:18:30.335root 11241100x80000000000000003906058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.290f890349629e432022-01-11 12:18:30.335root 11241100x80000000000000003906059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78b1c367ff023b6b2022-01-11 12:18:30.335root 11241100x80000000000000003906060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d969773430e034f92022-01-11 12:18:30.335root 11241100x80000000000000003906061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f236c2da35518782022-01-11 12:18:30.335root 11241100x80000000000000003906062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f39e6de6d9a046ba2022-01-11 12:18:30.336root 11241100x80000000000000003906063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ec8c9b14df352d32022-01-11 12:18:30.336root 11241100x80000000000000003906064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81b5b8b925efa6f52022-01-11 12:18:30.336root 11241100x80000000000000003906065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63f59a06468e6ac62022-01-11 12:18:30.336root 11241100x80000000000000003906066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b893e33da9a04f422022-01-11 12:18:30.336root 11241100x80000000000000003906067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2a9d5d9034eeaaa2022-01-11 12:18:30.833root 11241100x80000000000000003906068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be5f11613e5ffc762022-01-11 12:18:30.834root 11241100x80000000000000003906069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fb0d10b719089db2022-01-11 12:18:30.834root 11241100x80000000000000003906070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6aa07353070551f52022-01-11 12:18:30.834root 11241100x80000000000000003906071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4661c9a8e2178192022-01-11 12:18:30.834root 11241100x80000000000000003906072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33c6fe4915d64fbb2022-01-11 12:18:30.834root 11241100x80000000000000003906073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73a6e30dc564cdbf2022-01-11 12:18:30.834root 11241100x80000000000000003906074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2f68258386b38462022-01-11 12:18:30.835root 11241100x80000000000000003906075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcdea479ca33d1382022-01-11 12:18:30.835root 11241100x80000000000000003906076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73e136134707cacf2022-01-11 12:18:30.835root 11241100x80000000000000003906077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e662d27a33bf2e62022-01-11 12:18:30.835root 11241100x80000000000000003906078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8706ce3287c8bd7c2022-01-11 12:18:30.835root 11241100x80000000000000003906079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.921f09eb984e72a12022-01-11 12:18:30.836root 11241100x80000000000000003906080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeafcd998128d0c82022-01-11 12:18:30.836root 11241100x80000000000000003906081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00e1ab237dced9662022-01-11 12:18:30.836root 11241100x80000000000000003906082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21aaef3fc623d13f2022-01-11 12:18:30.836root 11241100x80000000000000003906083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.941778e7a98031ee2022-01-11 12:18:30.836root 11241100x80000000000000003906084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc1ff243cbd66b0d2022-01-11 12:18:30.836root 11241100x80000000000000003906085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5eac7607c30693e12022-01-11 12:18:30.836root 11241100x80000000000000003906086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b0f948a3ea6d0392022-01-11 12:18:30.836root 11241100x80000000000000003906087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afceae38354c82872022-01-11 12:18:30.837root 11241100x80000000000000003906088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa03f21897ca89922022-01-11 12:18:30.837root 11241100x80000000000000003906089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.984b243e425960312022-01-11 12:18:30.837root 11241100x80000000000000003906090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79696b8d266188862022-01-11 12:18:30.837root 11241100x80000000000000003906091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63a68143304d749e2022-01-11 12:18:30.837root 11241100x80000000000000003906092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a214ae6b5b2cc032022-01-11 12:18:30.837root 11241100x80000000000000003906093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8b33a9ff29e43b82022-01-11 12:18:30.837root 11241100x80000000000000003906094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67d8870747b49e782022-01-11 12:18:30.837root 11241100x80000000000000003906095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88caa173b9379bbd2022-01-11 12:18:31.333root 11241100x80000000000000003906096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91ff61ada1a65fcf2022-01-11 12:18:31.333root 11241100x80000000000000003906097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce9cd9430dd282932022-01-11 12:18:31.333root 11241100x80000000000000003906098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.157973c06a212e842022-01-11 12:18:31.333root 11241100x80000000000000003906099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1eacf535993aa43d2022-01-11 12:18:31.334root 11241100x80000000000000003906100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf82e6709c80afd32022-01-11 12:18:31.334root 11241100x80000000000000003906101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e716ed0a28d94412022-01-11 12:18:31.334root 11241100x80000000000000003906102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a7ca6f90a338bcc2022-01-11 12:18:31.334root 11241100x80000000000000003906103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6ee1b70d6b4a1fe2022-01-11 12:18:31.334root 11241100x80000000000000003906104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b0450bf8e6dc3242022-01-11 12:18:31.335root 11241100x80000000000000003906105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a43aefd27838f002022-01-11 12:18:31.335root 11241100x80000000000000003906106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4285eabf2ac85e0c2022-01-11 12:18:31.335root 11241100x80000000000000003906107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91afbef40845fd7a2022-01-11 12:18:31.335root 11241100x80000000000000003906108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bddf1e5d3fe8524d2022-01-11 12:18:31.335root 11241100x80000000000000003906109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff6cea0751f14a862022-01-11 12:18:31.335root 11241100x80000000000000003906110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bae0537d315656a2022-01-11 12:18:31.335root 11241100x80000000000000003906111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d7c7549b1942a3a2022-01-11 12:18:31.336root 11241100x80000000000000003906112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b13bebe6c78517b32022-01-11 12:18:31.336root 11241100x80000000000000003906113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25684fb18ed0077d2022-01-11 12:18:31.336root 11241100x80000000000000003906114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb5a29382dedba132022-01-11 12:18:31.336root 11241100x80000000000000003906115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.861fd73c571320932022-01-11 12:18:31.336root 11241100x80000000000000003906116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8ae934ef3c796442022-01-11 12:18:31.336root 11241100x80000000000000003906117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f884113cdac50362022-01-11 12:18:31.336root 11241100x80000000000000003906118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.543d45f6a2cafd412022-01-11 12:18:31.336root 11241100x80000000000000003906119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccbcfb028e21fff62022-01-11 12:18:31.336root 11241100x80000000000000003906120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.347037ebfd57dc8b2022-01-11 12:18:31.336root 11241100x80000000000000003906121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdf77906a15883112022-01-11 12:18:31.336root 11241100x80000000000000003906122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ce15085537be0e32022-01-11 12:18:31.337root 11241100x80000000000000003906123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7a2440acc00da4f2022-01-11 12:18:31.337root 11241100x80000000000000003906124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3acb7c0ec7b2747f2022-01-11 12:18:31.337root 11241100x80000000000000003906125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edadfee20da6ab182022-01-11 12:18:31.337root 11241100x80000000000000003906126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ae97ca4d828b02f2022-01-11 12:18:31.337root 11241100x80000000000000003906127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3d8442a1e7b951e2022-01-11 12:18:31.337root 11241100x80000000000000003906128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3ee17923644b3f72022-01-11 12:18:31.833root 11241100x80000000000000003906129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6d73e19e6f9ffff2022-01-11 12:18:31.834root 11241100x80000000000000003906130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21a49bebd1c5cc4f2022-01-11 12:18:31.834root 11241100x80000000000000003906131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeb3803fd9b2c1832022-01-11 12:18:31.834root 11241100x80000000000000003906132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95b91a8af442e9612022-01-11 12:18:31.834root 11241100x80000000000000003906133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.897f5a72600c70cf2022-01-11 12:18:31.834root 11241100x80000000000000003906134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6beed2d294ef89212022-01-11 12:18:31.834root 11241100x80000000000000003906135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4aa5e0c20c80d3e2022-01-11 12:18:31.834root 11241100x80000000000000003906136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fb20a8e44bb77cc2022-01-11 12:18:31.834root 11241100x80000000000000003906137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03192ca3df3b9e732022-01-11 12:18:31.835root 11241100x80000000000000003906138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.661a7b4159e2912f2022-01-11 12:18:31.835root 11241100x80000000000000003906139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb0e82fa6c8060212022-01-11 12:18:31.835root 11241100x80000000000000003906140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.828938596a211f332022-01-11 12:18:31.835root 11241100x80000000000000003906141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.774b10a359909a0c2022-01-11 12:18:31.835root 11241100x80000000000000003906142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8ce51a9e2ee4eed2022-01-11 12:18:31.835root 11241100x80000000000000003906143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8d37d4b998393122022-01-11 12:18:31.835root 11241100x80000000000000003906144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a622a94e5d998852022-01-11 12:18:31.836root 11241100x80000000000000003906145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8923d6aee2c4f892022-01-11 12:18:31.836root 11241100x80000000000000003906146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7961216a14e4f922022-01-11 12:18:31.836root 11241100x80000000000000003906147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.603b9b71780b1eb92022-01-11 12:18:31.836root 11241100x80000000000000003906148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d9198b862682bff2022-01-11 12:18:31.836root 11241100x80000000000000003906149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e8281d47ebb07e72022-01-11 12:18:31.836root 11241100x80000000000000003906150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26486785467a63842022-01-11 12:18:31.836root 11241100x80000000000000003906151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.603c39422ce23a082022-01-11 12:18:31.836root 11241100x80000000000000003906152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7868c47a2241206f2022-01-11 12:18:31.836root 11241100x80000000000000003906153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.471e54ba4cfec3642022-01-11 12:18:31.836root 11241100x80000000000000003906154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c512fd77350315062022-01-11 12:18:31.837root 11241100x80000000000000003906155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3ffae84aa0ef41f2022-01-11 12:18:31.837root 11241100x80000000000000003906156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de2809325f45104a2022-01-11 12:18:31.837root 11241100x80000000000000003906157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c5cf5ddbe1b45af2022-01-11 12:18:32.333root 11241100x80000000000000003906158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0637ad4ba71ba9b72022-01-11 12:18:32.333root 11241100x80000000000000003906159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d4f96f00f6492e52022-01-11 12:18:32.334root 11241100x80000000000000003906160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.037f6cbca187e5ae2022-01-11 12:18:32.334root 11241100x80000000000000003906161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3efa72151c0a2c052022-01-11 12:18:32.334root 11241100x80000000000000003906162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5840b5cb0658dea2022-01-11 12:18:32.334root 11241100x80000000000000003906163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a822e2003680e8a72022-01-11 12:18:32.334root 11241100x80000000000000003906164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8823908cf2a9532f2022-01-11 12:18:32.334root 11241100x80000000000000003906165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8094bc57d343fbe52022-01-11 12:18:32.334root 11241100x80000000000000003906166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2487304e954bbb22022-01-11 12:18:32.334root 11241100x80000000000000003906167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9196325ee3b250072022-01-11 12:18:32.334root 11241100x80000000000000003906168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca53cb6d1f012a9b2022-01-11 12:18:32.334root 11241100x80000000000000003906169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09c9010f1c6c1fe82022-01-11 12:18:32.335root 11241100x80000000000000003906170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a11285c90fe7a6ab2022-01-11 12:18:32.335root 11241100x80000000000000003906171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bef8186d832231192022-01-11 12:18:32.335root 11241100x80000000000000003906172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc4e770a5fc8a61a2022-01-11 12:18:32.335root 11241100x80000000000000003906173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a99a156cc7d812e12022-01-11 12:18:32.335root 11241100x80000000000000003906174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46e35e65885e0a5d2022-01-11 12:18:32.335root 11241100x80000000000000003906175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa92fdaf4ac9b9e02022-01-11 12:18:32.335root 11241100x80000000000000003906176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ecaf513404a0c342022-01-11 12:18:32.335root 11241100x80000000000000003906177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfbed83348634dd32022-01-11 12:18:32.335root 11241100x80000000000000003906178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63a59186716bc85a2022-01-11 12:18:32.335root 11241100x80000000000000003906179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc71b971f46411912022-01-11 12:18:32.336root 11241100x80000000000000003906180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba47a6be137af2492022-01-11 12:18:32.336root 11241100x80000000000000003906181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f42ade2e6c556cf2022-01-11 12:18:32.336root 11241100x80000000000000003906182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38e6ff72055fe6272022-01-11 12:18:32.336root 11241100x80000000000000003906183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c32c5d3020098ac22022-01-11 12:18:32.336root 11241100x80000000000000003906184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8cf420f1f3974b32022-01-11 12:18:32.336root 11241100x80000000000000003906185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e90319ca20104df2022-01-11 12:18:32.336root 11241100x80000000000000003906186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38b20a472589e3222022-01-11 12:18:32.834root 11241100x80000000000000003906187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.163986f02e8fceae2022-01-11 12:18:32.834root 11241100x80000000000000003906188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cb9c42e0cf0fa682022-01-11 12:18:32.834root 11241100x80000000000000003906189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09c831c2eef325702022-01-11 12:18:32.834root 11241100x80000000000000003906190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b04e75424d83789a2022-01-11 12:18:32.834root 11241100x80000000000000003906191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.146f10bad8d755352022-01-11 12:18:32.834root 11241100x80000000000000003906192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c6d39a97d8be2322022-01-11 12:18:32.834root 11241100x80000000000000003906193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4dff11716745a422022-01-11 12:18:32.834root 11241100x80000000000000003906194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7d13b738c9a0fdf2022-01-11 12:18:32.835root 11241100x80000000000000003906195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae2e02bf4e4591182022-01-11 12:18:32.835root 11241100x80000000000000003906196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a3a89a63f5810b32022-01-11 12:18:32.835root 11241100x80000000000000003906197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11aad6b0667404332022-01-11 12:18:32.835root 11241100x80000000000000003906198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8424fbd382986c32022-01-11 12:18:32.835root 11241100x80000000000000003906199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38f8e4f9f4e990db2022-01-11 12:18:32.835root 11241100x80000000000000003906200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6000e676842a0b672022-01-11 12:18:32.835root 11241100x80000000000000003906201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa75df2b14f3b3712022-01-11 12:18:32.835root 11241100x80000000000000003906202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e134c9ae40370d762022-01-11 12:18:32.835root 11241100x80000000000000003906203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90fc1c4b55cf01bc2022-01-11 12:18:32.835root 11241100x80000000000000003906204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c34572196ada0a22022-01-11 12:18:32.835root 11241100x80000000000000003906205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dba1932cac3e05b82022-01-11 12:18:32.835root 11241100x80000000000000003906206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f6cde127a201a5c2022-01-11 12:18:32.835root 11241100x80000000000000003906207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf30dcc6448e98012022-01-11 12:18:32.835root 11241100x80000000000000003906208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1c3ae5695a3a2412022-01-11 12:18:32.836root 11241100x80000000000000003906209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39efca244870125e2022-01-11 12:18:32.836root 11241100x80000000000000003906210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c3fbda7948496de2022-01-11 12:18:32.836root 11241100x80000000000000003906211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.061dd0b03cc5b4342022-01-11 12:18:32.836root 11241100x80000000000000003906212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d601dfe26629290c2022-01-11 12:18:32.836root 11241100x80000000000000003906213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0423f1c06028a882022-01-11 12:18:33.334root 11241100x80000000000000003906214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec2081cfd31a5f452022-01-11 12:18:33.334root 11241100x80000000000000003906215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.477164628af08e552022-01-11 12:18:33.334root 11241100x80000000000000003906216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f84f0357479137912022-01-11 12:18:33.335root 11241100x80000000000000003906217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9998478a3a5d5492022-01-11 12:18:33.335root 11241100x80000000000000003906218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42dadef63896eada2022-01-11 12:18:33.335root 11241100x80000000000000003906219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.532ee3cb6b24c87f2022-01-11 12:18:33.335root 11241100x80000000000000003906220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cdddd8c2691de672022-01-11 12:18:33.335root 11241100x80000000000000003906221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce0315f007ec0ab12022-01-11 12:18:33.335root 11241100x80000000000000003906222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00bdfcd15c5e81cb2022-01-11 12:18:33.335root 11241100x80000000000000003906223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42521be38d9d789a2022-01-11 12:18:33.335root 11241100x80000000000000003906224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fbb48fc5ed87fa72022-01-11 12:18:33.335root 11241100x80000000000000003906225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85caaf29ec7aa95e2022-01-11 12:18:33.335root 11241100x80000000000000003906226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1677d8b86e8ca8852022-01-11 12:18:33.336root 11241100x80000000000000003906227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.879e5c0ccf72b1ce2022-01-11 12:18:33.336root 11241100x80000000000000003906228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b09e75221af833462022-01-11 12:18:33.336root 11241100x80000000000000003906229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dcd0fc0de75e8422022-01-11 12:18:33.336root 11241100x80000000000000003906230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.027095a6885179f42022-01-11 12:18:33.336root 11241100x80000000000000003906231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21ff661897ad98342022-01-11 12:18:33.336root 11241100x80000000000000003906232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6a1bd8ba3e4e7272022-01-11 12:18:33.336root 11241100x80000000000000003906233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.099eaa874ff7c9e72022-01-11 12:18:33.336root 11241100x80000000000000003906234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3c4880539e0d4f02022-01-11 12:18:33.336root 11241100x80000000000000003906235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef57547bdf178c8a2022-01-11 12:18:33.337root 11241100x80000000000000003906236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd6cba216a96d8912022-01-11 12:18:33.337root 11241100x80000000000000003906237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ebbba5ea582f4882022-01-11 12:18:33.337root 11241100x80000000000000003906238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.338f5085bdf4730a2022-01-11 12:18:33.337root 11241100x80000000000000003906239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a881ff02f2457012022-01-11 12:18:33.337root 11241100x80000000000000003906240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6eaef184e372aa8e2022-01-11 12:18:33.833root 11241100x80000000000000003906241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e2466ad76577b5a2022-01-11 12:18:33.833root 11241100x80000000000000003906242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9831b631adeeb4b2022-01-11 12:18:33.833root 11241100x80000000000000003906243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fb3e46bac90579e2022-01-11 12:18:33.834root 11241100x80000000000000003906244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a64b8f6c260b70b2022-01-11 12:18:33.834root 11241100x80000000000000003906245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10ea5616836d16a32022-01-11 12:18:33.834root 11241100x80000000000000003906246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.591e99cc528b37292022-01-11 12:18:33.834root 11241100x80000000000000003906247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f0523ae092be1412022-01-11 12:18:33.834root 11241100x80000000000000003906248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8fd998432a33ad62022-01-11 12:18:33.834root 11241100x80000000000000003906249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74fb6cb5339521f92022-01-11 12:18:33.834root 11241100x80000000000000003906250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34b1ccff58da93722022-01-11 12:18:33.834root 11241100x80000000000000003906251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bfc6cc2bd6b34ec2022-01-11 12:18:33.834root 11241100x80000000000000003906252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3504ebd1313e9f62022-01-11 12:18:33.835root 11241100x80000000000000003906253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07d0ac714687050c2022-01-11 12:18:33.835root 11241100x80000000000000003906254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fec568db7ec91452022-01-11 12:18:33.835root 11241100x80000000000000003906255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d176073ce61230082022-01-11 12:18:33.835root 11241100x80000000000000003906256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07caf61305fde3bf2022-01-11 12:18:33.835root 11241100x80000000000000003906257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.737aa484ee6060922022-01-11 12:18:33.836root 11241100x80000000000000003906258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df63eb1368736c642022-01-11 12:18:33.836root 11241100x80000000000000003906259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e016f330553c298f2022-01-11 12:18:33.836root 11241100x80000000000000003906260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5914da79aa73880b2022-01-11 12:18:33.837root 11241100x80000000000000003906261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af199573a3bc9a0e2022-01-11 12:18:33.837root 11241100x80000000000000003906262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4735bd05372db2c2022-01-11 12:18:33.838root 11241100x80000000000000003906263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bba6060be61cec42022-01-11 12:18:33.838root 11241100x80000000000000003906264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef0dbe594a0728722022-01-11 12:18:33.838root 11241100x80000000000000003906265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a2309a39df3224d2022-01-11 12:18:33.838root 11241100x80000000000000003906266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5408b9a7269f44e22022-01-11 12:18:33.839root 11241100x80000000000000003906267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a78db385dffdfadd2022-01-11 12:18:33.839root 11241100x80000000000000003906268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3343c9bb56e0ec4a2022-01-11 12:18:33.839root 11241100x80000000000000003906269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23e9010c85cba2d92022-01-11 12:18:33.839root 11241100x80000000000000003906270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adfa06f1ed76deca2022-01-11 12:18:34.334root 11241100x80000000000000003906271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6c675420584bca62022-01-11 12:18:34.334root 11241100x80000000000000003906272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72ea362bb981422f2022-01-11 12:18:34.334root 11241100x80000000000000003906273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1d19c982cb80ce12022-01-11 12:18:34.334root 11241100x80000000000000003906274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2740de6e0c288502022-01-11 12:18:34.335root 11241100x80000000000000003906275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4ac57bc073614282022-01-11 12:18:34.335root 11241100x80000000000000003906276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95ce52f77ccc36392022-01-11 12:18:34.335root 11241100x80000000000000003906277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.545d61bb408a4def2022-01-11 12:18:34.335root 11241100x80000000000000003906278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43e609c4de20c7a22022-01-11 12:18:34.335root 11241100x80000000000000003906279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd504578cccfa33f2022-01-11 12:18:34.335root 11241100x80000000000000003906280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c7fc092298b5b002022-01-11 12:18:34.335root 11241100x80000000000000003906281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30f39e6b94cd9bf62022-01-11 12:18:34.335root 11241100x80000000000000003906282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.058895e295e9e9162022-01-11 12:18:34.335root 11241100x80000000000000003906283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e99866a34873a122022-01-11 12:18:34.335root 11241100x80000000000000003906284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92887ed8fd1fb74b2022-01-11 12:18:34.336root 11241100x80000000000000003906285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef13517f9d20092d2022-01-11 12:18:34.336root 11241100x80000000000000003906286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1affab08c9d1b80e2022-01-11 12:18:34.336root 11241100x80000000000000003906287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8db75057bb29e1242022-01-11 12:18:34.336root 11241100x80000000000000003906288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db00ec19a408b06c2022-01-11 12:18:34.336root 11241100x80000000000000003906289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86e647877b9ecbd32022-01-11 12:18:34.336root 11241100x80000000000000003906290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3184efead7824ed02022-01-11 12:18:34.336root 11241100x80000000000000003906291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21a5ac7673f3d0412022-01-11 12:18:34.336root 11241100x80000000000000003906292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcf644b4471178d72022-01-11 12:18:34.336root 11241100x80000000000000003906293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3932f96424d873b32022-01-11 12:18:34.336root 11241100x80000000000000003906294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.975e9796c2ee7dfe2022-01-11 12:18:34.337root 11241100x80000000000000003906295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b69784c1b35e8322022-01-11 12:18:34.337root 11241100x80000000000000003906296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fbd0f8505c9a2992022-01-11 12:18:34.337root 11241100x80000000000000003906297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c2a07136334e05a2022-01-11 12:18:34.833root 11241100x80000000000000003906298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50f59ce191cae40c2022-01-11 12:18:34.833root 11241100x80000000000000003906299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d3c2046423d967b2022-01-11 12:18:34.833root 11241100x80000000000000003906300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e2d76de9d75b082022-01-11 12:18:34.833root 11241100x80000000000000003906301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33bebc49066e4ffb2022-01-11 12:18:34.834root 11241100x80000000000000003906302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e01a5e8a95bfa88d2022-01-11 12:18:34.834root 11241100x80000000000000003906303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7385f740faf666d2022-01-11 12:18:34.834root 11241100x80000000000000003906304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67edb2b40bba8b0e2022-01-11 12:18:34.834root 11241100x80000000000000003906305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c0b5d1e1568194d2022-01-11 12:18:34.834root 11241100x80000000000000003906306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45571b09cc4ad7622022-01-11 12:18:34.834root 11241100x80000000000000003906307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4fdc1ffe64724372022-01-11 12:18:34.834root 11241100x80000000000000003906308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3909fb86e9c520f2022-01-11 12:18:34.834root 11241100x80000000000000003906309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.446dde6ce01d17d02022-01-11 12:18:34.834root 11241100x80000000000000003906310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a764bb231ce686e2022-01-11 12:18:34.834root 11241100x80000000000000003906311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74963a32bfafe6012022-01-11 12:18:34.834root 11241100x80000000000000003906312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82e3d94c3e94f21c2022-01-11 12:18:34.834root 11241100x80000000000000003906313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5a3d4046a408ba12022-01-11 12:18:34.835root 11241100x80000000000000003906314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cc60ad3ee18d0852022-01-11 12:18:34.835root 11241100x80000000000000003906315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bffeaea4d412ff02022-01-11 12:18:34.835root 11241100x80000000000000003906316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cab7d9f387dc929c2022-01-11 12:18:34.835root 11241100x80000000000000003906317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49d40113c08f37b62022-01-11 12:18:34.835root 11241100x80000000000000003906318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d45be5626e5d03b12022-01-11 12:18:34.835root 11241100x80000000000000003906319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f69a7cb72bbcf3b82022-01-11 12:18:34.835root 11241100x80000000000000003906320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1959af7c705cdc572022-01-11 12:18:34.835root 11241100x80000000000000003906321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9437c5ba92727b782022-01-11 12:18:34.835root 11241100x80000000000000003906322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1f124a6c3d7a64c2022-01-11 12:18:34.835root 11241100x80000000000000003906323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a417a4048cd76e4a2022-01-11 12:18:34.835root 11241100x80000000000000003906324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0144c91adfc25712022-01-11 12:18:34.835root 11241100x80000000000000003906325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fe7217e99f39f7a2022-01-11 12:18:34.835root 11241100x80000000000000003906326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd5f0946f74a37472022-01-11 12:18:34.836root 11241100x80000000000000003906327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5415a1d3d941c152022-01-11 12:18:34.836root 11241100x80000000000000003906328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee2d54698131c6752022-01-11 12:18:34.836root 11241100x80000000000000003906329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2abcbed42ccf50902022-01-11 12:18:34.836root 11241100x80000000000000003906330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ce232c1058bb9412022-01-11 12:18:34.836root 11241100x80000000000000003906331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.077d0e2d41b0d5c32022-01-11 12:18:34.836root 11241100x80000000000000003906332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6108f7c8ccc060862022-01-11 12:18:34.836root 11241100x80000000000000003906333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.578a49b9f3c21d6f2022-01-11 12:18:34.837root 11241100x80000000000000003906334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5709c6f22c6083082022-01-11 12:18:34.837root 11241100x80000000000000003906335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7740c029c87557912022-01-11 12:18:34.837root 11241100x80000000000000003906336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eafcd932be4730a22022-01-11 12:18:34.837root 11241100x80000000000000003906337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6878eb9ef0a212ac2022-01-11 12:18:34.839root 11241100x80000000000000003906338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f403a266f9e109f62022-01-11 12:18:34.839root 11241100x80000000000000003906339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37fa58ecbcf980072022-01-11 12:18:34.839root 11241100x80000000000000003906340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.578b42e1ac2f17292022-01-11 12:18:34.839root 11241100x80000000000000003906341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9021e4e79c7fe7602022-01-11 12:18:34.840root 11241100x80000000000000003906342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1ba5e82e331d0492022-01-11 12:18:34.840root 11241100x80000000000000003906343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9892c0c5d58855d02022-01-11 12:18:34.840root 11241100x80000000000000003906344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8c3d83a969c24802022-01-11 12:18:34.840root 11241100x80000000000000003906345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3275ea0d387885052022-01-11 12:18:34.840root 11241100x80000000000000003906346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f5b8c29dfc47d612022-01-11 12:18:34.840root 11241100x80000000000000003906347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.091dedc0ba1d731e2022-01-11 12:18:34.840root 11241100x80000000000000003906348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abf8c61d9a1471502022-01-11 12:18:34.840root 11241100x80000000000000003906349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8761fd7fd757f8222022-01-11 12:18:34.840root 11241100x80000000000000003906350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c400cd04afb17ec92022-01-11 12:18:34.840root 11241100x80000000000000003906351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41a76fb3125486eb2022-01-11 12:18:34.840root 11241100x80000000000000003906352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a2277bb77d786432022-01-11 12:18:34.841root 11241100x80000000000000003906353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4222193fa9fa2d4d2022-01-11 12:18:34.841root 11241100x80000000000000003906354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c02600f1aa85be52022-01-11 12:18:34.841root 11241100x80000000000000003906355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9130997811443722022-01-11 12:18:34.841root 11241100x80000000000000003906356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f286c30097d13c22022-01-11 12:18:34.841root 11241100x80000000000000003906357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b678026398d7be62022-01-11 12:18:34.841root 11241100x80000000000000003906358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcd9711b38cdbbc32022-01-11 12:18:34.841root 11241100x80000000000000003906359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6e24f135158d4ff2022-01-11 12:18:34.841root 11241100x80000000000000003906360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3edfd805f75ffa322022-01-11 12:18:34.841root 11241100x80000000000000003906361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e343ebe47ab4c6e2022-01-11 12:18:34.841root 11241100x80000000000000003906362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0ef1bda6f318e852022-01-11 12:18:34.841root 11241100x80000000000000003906363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ee36c6699b6da962022-01-11 12:18:34.841root 11241100x80000000000000003906364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.277ef7f2e50e26e32022-01-11 12:18:34.841root 11241100x80000000000000003906365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0da67555b5d9807a2022-01-11 12:18:34.841root 11241100x80000000000000003906366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35abe1cf06d8e8582022-01-11 12:18:34.841root 11241100x80000000000000003906367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a61d6eb1e5c79d562022-01-11 12:18:34.842root 11241100x80000000000000003906368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e7e89fdaad234532022-01-11 12:18:34.842root 11241100x80000000000000003906369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3028a76a8f5bacd2022-01-11 12:18:34.842root 11241100x80000000000000003906370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95e7a33189a89f982022-01-11 12:18:34.842root 11241100x80000000000000003906371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcc7f41686c9c5052022-01-11 12:18:34.842root 11241100x80000000000000003906372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4041f255b7f642642022-01-11 12:18:34.842root 11241100x80000000000000003906373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bf46a315e6412612022-01-11 12:18:34.842root 11241100x80000000000000003906374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90811eba17e8bbb52022-01-11 12:18:34.842root 11241100x80000000000000003906375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8837fba68f820bf12022-01-11 12:18:34.842root 11241100x80000000000000003906376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f836877763d8f9a2022-01-11 12:18:34.842root 11241100x80000000000000003906377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4c0f928cd4205fe2022-01-11 12:18:34.842root 354300x80000000000000003906378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.200{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56250-false10.0.1.12-8000- 11241100x80000000000000003906379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.200{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60ab38fb628654d72022-01-11 12:18:35.200root 11241100x80000000000000003906380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37646c76279d5a8c2022-01-11 12:18:35.201root 11241100x80000000000000003906381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a17048dd74ec364b2022-01-11 12:18:35.201root 11241100x80000000000000003906382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1110d99f1d39124c2022-01-11 12:18:35.201root 11241100x80000000000000003906383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10ed6d915c0392db2022-01-11 12:18:35.201root 11241100x80000000000000003906384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cc2be01452142752022-01-11 12:18:35.201root 11241100x80000000000000003906385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b54556085a60035c2022-01-11 12:18:35.201root 11241100x80000000000000003906386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b38a4e640072cae12022-01-11 12:18:35.201root 11241100x80000000000000003906387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5695a4978a20dcdb2022-01-11 12:18:35.201root 11241100x80000000000000003906388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41664ab9bfc26e832022-01-11 12:18:35.201root 11241100x80000000000000003906389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c096acb9f760236e2022-01-11 12:18:35.201root 11241100x80000000000000003906390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a5b0003d35d874a2022-01-11 12:18:35.201root 11241100x80000000000000003906391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.714591495969d3482022-01-11 12:18:35.202root 11241100x80000000000000003906392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d127d3df9396e0862022-01-11 12:18:35.202root 11241100x80000000000000003906393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1915cb2700965302022-01-11 12:18:35.202root 11241100x80000000000000003906394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94a2da4d0d1fe2ba2022-01-11 12:18:35.202root 11241100x80000000000000003906395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.347e44316e9fa05d2022-01-11 12:18:35.202root 11241100x80000000000000003906396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e5493dd232260cf2022-01-11 12:18:35.202root 11241100x80000000000000003906397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4935b1980cf19902022-01-11 12:18:35.202root 11241100x80000000000000003906398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f96f99e700636e72022-01-11 12:18:35.202root 11241100x80000000000000003906399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0a3e60a343c18702022-01-11 12:18:35.202root 11241100x80000000000000003906400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e40db3e53b5dc1da2022-01-11 12:18:35.202root 11241100x80000000000000003906401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cac92b6d9e164b672022-01-11 12:18:35.202root 11241100x80000000000000003906402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfc0ae7d5fc424312022-01-11 12:18:35.202root 11241100x80000000000000003906403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30bd43b21c84a6252022-01-11 12:18:35.203root 11241100x80000000000000003906404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94b3a884d537b8de2022-01-11 12:18:35.203root 11241100x80000000000000003906405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba18cdf67f0358412022-01-11 12:18:35.203root 11241100x80000000000000003906406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26f23f8816091bfd2022-01-11 12:18:35.203root 11241100x80000000000000003906407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca5ae0c6152c69ba2022-01-11 12:18:35.203root 11241100x80000000000000003906408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f7205a1159fecb42022-01-11 12:18:35.203root 11241100x80000000000000003906409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d92b803f8aca5fb2022-01-11 12:18:35.203root 11241100x80000000000000003906410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33f234f130385a7d2022-01-11 12:18:35.203root 11241100x80000000000000003906411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c28a37c9a9bfe0a2022-01-11 12:18:35.203root 11241100x80000000000000003906412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08cee06f401518992022-01-11 12:18:35.203root 11241100x80000000000000003906413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b91d59d86897ffb2022-01-11 12:18:35.203root 11241100x80000000000000003906414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ab7b415733e1dbf2022-01-11 12:18:35.203root 11241100x80000000000000003906415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b21fdfb2a5259852022-01-11 12:18:35.583root 11241100x80000000000000003906416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d573fd340596cdb2022-01-11 12:18:35.583root 11241100x80000000000000003906417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08b564c8ad56cbdc2022-01-11 12:18:35.583root 11241100x80000000000000003906418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4726b9403b277ae92022-01-11 12:18:35.583root 11241100x80000000000000003906419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7da32b758e8f8ed42022-01-11 12:18:35.583root 11241100x80000000000000003906420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeb2c1081459cb912022-01-11 12:18:35.583root 11241100x80000000000000003906421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.134dd611e00056922022-01-11 12:18:35.584root 11241100x80000000000000003906422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e42d06f284010a232022-01-11 12:18:35.584root 11241100x80000000000000003906423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.049f7b2729b9dee12022-01-11 12:18:35.584root 11241100x80000000000000003906424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b824326e55101c52022-01-11 12:18:35.584root 11241100x80000000000000003906425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f4bcc3a972b6a0c2022-01-11 12:18:35.584root 11241100x80000000000000003906426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e280ed30bc032992022-01-11 12:18:35.584root 11241100x80000000000000003906427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57b02fa08163082a2022-01-11 12:18:35.584root 11241100x80000000000000003906428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9367576a05d06cbf2022-01-11 12:18:35.584root 11241100x80000000000000003906429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77a9f0413fb472992022-01-11 12:18:35.585root 11241100x80000000000000003906430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a14e5b2686b2c8e72022-01-11 12:18:35.585root 11241100x80000000000000003906431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9e620f0d45519f22022-01-11 12:18:35.585root 11241100x80000000000000003906432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3ea1eea8801b6092022-01-11 12:18:35.585root 11241100x80000000000000003906433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44b3ac6441d4cddd2022-01-11 12:18:35.585root 11241100x80000000000000003906434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0d802bf0d3043302022-01-11 12:18:35.585root 11241100x80000000000000003906435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35c4a210062141992022-01-11 12:18:35.585root 11241100x80000000000000003906436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abc45494a06f869c2022-01-11 12:18:35.585root 11241100x80000000000000003906437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f64a6fd54946067a2022-01-11 12:18:35.586root 11241100x80000000000000003906438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a9e230dd273f3cf2022-01-11 12:18:35.586root 11241100x80000000000000003906439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.838775d425719d3e2022-01-11 12:18:35.586root 11241100x80000000000000003906440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8fd5821894e62612022-01-11 12:18:35.586root 11241100x80000000000000003906441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99c6b5ae784d3bb12022-01-11 12:18:35.586root 11241100x80000000000000003906442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ad5a6aac611a0532022-01-11 12:18:35.586root 11241100x80000000000000003906443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ab2f377d8c8d5e02022-01-11 12:18:35.586root 11241100x80000000000000003906444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dca47090e1117ff82022-01-11 12:18:35.586root 11241100x80000000000000003906445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a9c9e13f8bec5be2022-01-11 12:18:35.586root 11241100x80000000000000003906446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.774a36800644f1c72022-01-11 12:18:35.587root 11241100x80000000000000003906447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ed94ff40a33ab5c2022-01-11 12:18:35.587root 11241100x80000000000000003906448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb5c4064cf830e832022-01-11 12:18:35.587root 11241100x80000000000000003906449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8373610de833ad82022-01-11 12:18:35.587root 11241100x80000000000000003906450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80b556939ad49b2f2022-01-11 12:18:35.587root 11241100x80000000000000003906451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fd1940678983ac42022-01-11 12:18:35.587root 11241100x80000000000000003906452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af928f271414d9772022-01-11 12:18:35.587root 11241100x80000000000000003906453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.840158f56fc8c6af2022-01-11 12:18:35.587root 11241100x80000000000000003906454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d4b47c7daff9ee22022-01-11 12:18:35.588root 11241100x80000000000000003906455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87cbb1506609e4312022-01-11 12:18:35.588root 11241100x80000000000000003906456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0174d82b2c116a322022-01-11 12:18:35.588root 11241100x80000000000000003906457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5257846cbcb7a2fe2022-01-11 12:18:36.083root 11241100x80000000000000003906458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f7102bb0f031ca72022-01-11 12:18:36.083root 11241100x80000000000000003906459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.454302b24403a9fe2022-01-11 12:18:36.084root 11241100x80000000000000003906460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.894170cfddaebefa2022-01-11 12:18:36.084root 11241100x80000000000000003906461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e48be97835db9182022-01-11 12:18:36.084root 11241100x80000000000000003906462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab6768e1ac2648a42022-01-11 12:18:36.084root 11241100x80000000000000003906463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f27d0e8f1cfc25ed2022-01-11 12:18:36.084root 11241100x80000000000000003906464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46c9578483049a562022-01-11 12:18:36.084root 11241100x80000000000000003906465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69340d7e6f4151b32022-01-11 12:18:36.084root 11241100x80000000000000003906466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3526cfdfe42a04f02022-01-11 12:18:36.085root 11241100x80000000000000003906467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19474648148cd6262022-01-11 12:18:36.085root 11241100x80000000000000003906468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33c1ba4a4e5a3ffa2022-01-11 12:18:36.085root 11241100x80000000000000003906469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04979bc59bb08d3b2022-01-11 12:18:36.085root 11241100x80000000000000003906470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a4f23bca83a73332022-01-11 12:18:36.085root 11241100x80000000000000003906471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b10744a468bff2542022-01-11 12:18:36.085root 11241100x80000000000000003906472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f7c39ddb3273bba2022-01-11 12:18:36.085root 11241100x80000000000000003906473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.919b7dcd6aff14312022-01-11 12:18:36.085root 11241100x80000000000000003906474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f65cada1a4b883f2022-01-11 12:18:36.085root 11241100x80000000000000003906475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.645a6097eefec1d52022-01-11 12:18:36.086root 11241100x80000000000000003906476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb88413cd9e12cd32022-01-11 12:18:36.086root 11241100x80000000000000003906477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9f1481ee7ecc6d92022-01-11 12:18:36.086root 11241100x80000000000000003906478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72fae37d36cc02a62022-01-11 12:18:36.086root 11241100x80000000000000003906479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9316256f50cd8d752022-01-11 12:18:36.086root 11241100x80000000000000003906480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c65748b99a77d872022-01-11 12:18:36.086root 11241100x80000000000000003906481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c08f975eae2db86d2022-01-11 12:18:36.086root 11241100x80000000000000003906482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e218e99c40a21712022-01-11 12:18:36.086root 11241100x80000000000000003906483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbaee8ea1e066a052022-01-11 12:18:36.086root 11241100x80000000000000003906484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0985c03e3ffabedc2022-01-11 12:18:36.086root 11241100x80000000000000003906485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37c107cd4f06f3bc2022-01-11 12:18:36.086root 11241100x80000000000000003906486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b004b661b4b2537b2022-01-11 12:18:36.086root 11241100x80000000000000003906487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1faccfa5b3b54c22022-01-11 12:18:36.086root 11241100x80000000000000003906488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c7add3da295928c2022-01-11 12:18:36.086root 11241100x80000000000000003906489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51b5f7e513f060512022-01-11 12:18:36.086root 11241100x80000000000000003906490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b406e01294cdb1a2022-01-11 12:18:36.086root 11241100x80000000000000003906491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.371733217c060ebe2022-01-11 12:18:36.087root 11241100x80000000000000003906492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e48ab03419887702022-01-11 12:18:36.087root 11241100x80000000000000003906493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7b55660497befd12022-01-11 12:18:36.087root 11241100x80000000000000003906494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fef718ec99f374aa2022-01-11 12:18:36.087root 11241100x80000000000000003906495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c02dda8e71c3a3f22022-01-11 12:18:36.087root 11241100x80000000000000003906496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa151735188777e32022-01-11 12:18:36.087root 11241100x80000000000000003906497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc7bc0b82bca2b9e2022-01-11 12:18:36.087root 11241100x80000000000000003906498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe733cdb736b8a0a2022-01-11 12:18:36.087root 11241100x80000000000000003906499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b87109991116c03a2022-01-11 12:18:36.087root 11241100x80000000000000003906500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.736b9f9c4dd7058f2022-01-11 12:18:36.087root 11241100x80000000000000003906501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ab21c548fd553962022-01-11 12:18:36.087root 11241100x80000000000000003906502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48ef422ca10edeb02022-01-11 12:18:36.088root 11241100x80000000000000003906503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f927768a5db8d2a92022-01-11 12:18:36.088root 11241100x80000000000000003906504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2570d1feabe554952022-01-11 12:18:36.088root 11241100x80000000000000003906505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fea97b7d31f8cbb12022-01-11 12:18:36.088root 11241100x80000000000000003906506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55691e1b69ede8c62022-01-11 12:18:36.088root 11241100x80000000000000003906507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.646c399dd7a77d8d2022-01-11 12:18:36.088root 11241100x80000000000000003906508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.562dbaf84b0f32602022-01-11 12:18:36.088root 11241100x80000000000000003906509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6363a600e4161722022-01-11 12:18:36.088root 11241100x80000000000000003906510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9476ace346ed2ed72022-01-11 12:18:36.088root 11241100x80000000000000003906511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6786cc0332e6af6d2022-01-11 12:18:36.088root 11241100x80000000000000003906512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4a7218162c430c82022-01-11 12:18:36.584root 11241100x80000000000000003906513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06608394561004152022-01-11 12:18:36.584root 11241100x80000000000000003906514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc05e0633be092482022-01-11 12:18:36.584root 11241100x80000000000000003906515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4c944f981befaea2022-01-11 12:18:36.584root 11241100x80000000000000003906516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e296954c7b1d0532022-01-11 12:18:36.584root 11241100x80000000000000003906517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44f1f73a008a2f542022-01-11 12:18:36.584root 11241100x80000000000000003906518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.065ee226cecb8ee32022-01-11 12:18:36.584root 11241100x80000000000000003906519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21cdbfca19ebf7a22022-01-11 12:18:36.584root 11241100x80000000000000003906520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04a463bf3d8a5b712022-01-11 12:18:36.584root 11241100x80000000000000003906521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d227430eff2ecadc2022-01-11 12:18:36.585root 11241100x80000000000000003906522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e70b44e9480a52e2022-01-11 12:18:36.585root 11241100x80000000000000003906523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cfcc3950cef82732022-01-11 12:18:36.585root 11241100x80000000000000003906524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bef92bcd8a30310c2022-01-11 12:18:36.585root 11241100x80000000000000003906525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.325fa54d573cf7282022-01-11 12:18:36.585root 11241100x80000000000000003906526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7107a4835d7525502022-01-11 12:18:36.585root 11241100x80000000000000003906527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61ed565ece50a9692022-01-11 12:18:36.585root 11241100x80000000000000003906528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ff3db10dd344e3d2022-01-11 12:18:36.585root 11241100x80000000000000003906529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2870613c255cdeb32022-01-11 12:18:36.585root 11241100x80000000000000003906530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44af4dfdfc7b43ce2022-01-11 12:18:36.585root 11241100x80000000000000003906531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08ac2c554596dc912022-01-11 12:18:36.585root 11241100x80000000000000003906532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14f4511f1a68b1492022-01-11 12:18:36.585root 11241100x80000000000000003906533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33fa35dcff1216402022-01-11 12:18:36.585root 11241100x80000000000000003906534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f16c7888950253e2022-01-11 12:18:36.585root 11241100x80000000000000003906535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77b88026f97f5eb52022-01-11 12:18:36.585root 11241100x80000000000000003906536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be083143f2d4a0482022-01-11 12:18:36.586root 11241100x80000000000000003906537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11af9a19e094db952022-01-11 12:18:36.586root 11241100x80000000000000003906538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4252d6be4e5789a2022-01-11 12:18:36.586root 11241100x80000000000000003906539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9e9fa437e0fdadd2022-01-11 12:18:36.586root 11241100x80000000000000003906540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31d408234e12e8da2022-01-11 12:18:36.586root 11241100x80000000000000003906541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d39046878911f242022-01-11 12:18:37.084root 11241100x80000000000000003906542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df4f9790cd3e35512022-01-11 12:18:37.084root 11241100x80000000000000003906543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96fa761d944c1a0e2022-01-11 12:18:37.084root 11241100x80000000000000003906544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.262e550c4c783bc82022-01-11 12:18:37.084root 11241100x80000000000000003906545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e4a63fa9e6574a12022-01-11 12:18:37.084root 11241100x80000000000000003906546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a84e0604fba3641a2022-01-11 12:18:37.084root 11241100x80000000000000003906547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6c4a081f17e0bb02022-01-11 12:18:37.085root 11241100x80000000000000003906548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04d24ddc83c4bc602022-01-11 12:18:37.085root 11241100x80000000000000003906549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05373d95a3194ff62022-01-11 12:18:37.085root 11241100x80000000000000003906550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ae56d74c5dfe60a2022-01-11 12:18:37.085root 11241100x80000000000000003906551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66100cd85d602d742022-01-11 12:18:37.085root 11241100x80000000000000003906552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c815bd4772b4985a2022-01-11 12:18:37.085root 11241100x80000000000000003906553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.172dcaf8e78345f32022-01-11 12:18:37.085root 11241100x80000000000000003906554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1185b06dfe12c1432022-01-11 12:18:37.085root 11241100x80000000000000003906555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d02f05a7b37afff2022-01-11 12:18:37.085root 11241100x80000000000000003906556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.322031bee8b3602c2022-01-11 12:18:37.085root 11241100x80000000000000003906557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cd9ecd3b2b76c812022-01-11 12:18:37.085root 11241100x80000000000000003906558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e884958e23dcdd02022-01-11 12:18:37.085root 11241100x80000000000000003906559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8d13473cbe3b7782022-01-11 12:18:37.085root 11241100x80000000000000003906560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fa511b560c2413e2022-01-11 12:18:37.085root 11241100x80000000000000003906561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f6116c5a1a570f92022-01-11 12:18:37.085root 11241100x80000000000000003906562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f449fc5a37dd64642022-01-11 12:18:37.086root 11241100x80000000000000003906563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b16fde554c949642022-01-11 12:18:37.086root 11241100x80000000000000003906564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.407cc82eddbe7bab2022-01-11 12:18:37.086root 11241100x80000000000000003906565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dd04ec5ac1603902022-01-11 12:18:37.086root 11241100x80000000000000003906566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcabf228ffa2fbcb2022-01-11 12:18:37.086root 11241100x80000000000000003906567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40e3fb05596ff37d2022-01-11 12:18:37.086root 11241100x80000000000000003906568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee380faaac577d462022-01-11 12:18:37.086root 11241100x80000000000000003906569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f45c9259716f442d2022-01-11 12:18:37.584root 11241100x80000000000000003906570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39a00d1270aa06c82022-01-11 12:18:37.584root 11241100x80000000000000003906571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02c435215c8a6daa2022-01-11 12:18:37.584root 11241100x80000000000000003906572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b06caa04d91704c2022-01-11 12:18:37.584root 11241100x80000000000000003906573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5da27d61beffc582022-01-11 12:18:37.584root 11241100x80000000000000003906574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8048e0e64df2b83b2022-01-11 12:18:37.584root 11241100x80000000000000003906575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b69a6a766385b652022-01-11 12:18:37.584root 11241100x80000000000000003906576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea5c545b86ba2e6f2022-01-11 12:18:37.584root 11241100x80000000000000003906577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd1d181a6bf2e2152022-01-11 12:18:37.584root 11241100x80000000000000003906578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd3ee3d42216741d2022-01-11 12:18:37.585root 11241100x80000000000000003906579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d58a49b9eee857bc2022-01-11 12:18:37.585root 11241100x80000000000000003906580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9eaad26d95979ffc2022-01-11 12:18:37.585root 11241100x80000000000000003906581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4be318752a570bc92022-01-11 12:18:37.585root 11241100x80000000000000003906582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8f07dd3ac50135b2022-01-11 12:18:37.585root 11241100x80000000000000003906583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7e61648dad95f4c2022-01-11 12:18:37.585root 11241100x80000000000000003906584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.552b2efccbc88e182022-01-11 12:18:37.585root 11241100x80000000000000003906585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a4077839d6ba4382022-01-11 12:18:37.585root 11241100x80000000000000003906586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.299e6a90489aedeb2022-01-11 12:18:37.585root 11241100x80000000000000003906587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99b1236ad33c1ed42022-01-11 12:18:37.585root 11241100x80000000000000003906588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.296290891cdc94e02022-01-11 12:18:37.585root 11241100x80000000000000003906589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03f2eedce35f94fd2022-01-11 12:18:37.585root 11241100x80000000000000003906590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.545c97afccf70ef82022-01-11 12:18:37.585root 11241100x80000000000000003906591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f12ebd2884f879d32022-01-11 12:18:37.585root 11241100x80000000000000003906592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fadf3c83cc2dd5812022-01-11 12:18:37.585root 11241100x80000000000000003906593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7263ea25a54839fc2022-01-11 12:18:37.585root 11241100x80000000000000003906594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bb3e0cfa458cb9b2022-01-11 12:18:37.586root 11241100x80000000000000003906595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca5c61c4a716afd32022-01-11 12:18:37.586root 11241100x80000000000000003906596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.683fc724155e9c0e2022-01-11 12:18:37.586root 11241100x80000000000000003906597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c06d56ab5003f602022-01-11 12:18:38.083root 11241100x80000000000000003906598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6204bc95f93ece02022-01-11 12:18:38.083root 11241100x80000000000000003906599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9348c8175887ae8b2022-01-11 12:18:38.083root 11241100x80000000000000003906600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4675231fe37594b2022-01-11 12:18:38.083root 11241100x80000000000000003906601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.983db461947ede9d2022-01-11 12:18:38.084root 11241100x80000000000000003906602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.537558eda149ee412022-01-11 12:18:38.084root 11241100x80000000000000003906603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3530bffd11bb62462022-01-11 12:18:38.084root 11241100x80000000000000003906604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e125b36517befbd72022-01-11 12:18:38.084root 11241100x80000000000000003906605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6141707d4b380c5a2022-01-11 12:18:38.084root 11241100x80000000000000003906606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b347e7a9f76636f2022-01-11 12:18:38.084root 11241100x80000000000000003906607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.113e0eec1651773f2022-01-11 12:18:38.085root 11241100x80000000000000003906608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56d83b776a9e71982022-01-11 12:18:38.085root 11241100x80000000000000003906609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0685fcb66042891b2022-01-11 12:18:38.085root 11241100x80000000000000003906610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.547f62541f0e7e5b2022-01-11 12:18:38.085root 11241100x80000000000000003906611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0eff15e1737286f92022-01-11 12:18:38.085root 11241100x80000000000000003906612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.563791584a1882a82022-01-11 12:18:38.085root 11241100x80000000000000003906613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.227e05d8f5ce28e42022-01-11 12:18:38.085root 11241100x80000000000000003906614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00f668aa2eb4e66e2022-01-11 12:18:38.086root 11241100x80000000000000003906615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f913beec3ba2e0172022-01-11 12:18:38.086root 11241100x80000000000000003906616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e87dab8d9b6081412022-01-11 12:18:38.086root 11241100x80000000000000003906617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df1b5d567253b86c2022-01-11 12:18:38.086root 11241100x80000000000000003906618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b42dca81559bfad2022-01-11 12:18:38.086root 11241100x80000000000000003906619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a89a0f84a5b1a45f2022-01-11 12:18:38.086root 11241100x80000000000000003906620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f75b9ab2aedd959f2022-01-11 12:18:38.086root 11241100x80000000000000003906621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e9a709204b57aa82022-01-11 12:18:38.086root 11241100x80000000000000003906622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff268e2d0272700f2022-01-11 12:18:38.086root 11241100x80000000000000003906623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86025745f67ecc0f2022-01-11 12:18:38.087root 11241100x80000000000000003906624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ea27a88fa9aa9422022-01-11 12:18:38.087root 11241100x80000000000000003906625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16bc1788a3eeb9962022-01-11 12:18:38.087root 11241100x80000000000000003906626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20bcdf84af9fa55d2022-01-11 12:18:38.087root 11241100x80000000000000003906627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e78ec8787c868062022-01-11 12:18:38.087root 11241100x80000000000000003906628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.473bd2fb220f6c022022-01-11 12:18:38.088root 11241100x80000000000000003906629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dd300c85093d7cb2022-01-11 12:18:38.088root 11241100x80000000000000003906630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c923edf1da86cc092022-01-11 12:18:38.088root 11241100x80000000000000003906631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc45660ff11773fb2022-01-11 12:18:38.089root 11241100x80000000000000003906632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1840bfb4ae8af002022-01-11 12:18:38.089root 11241100x80000000000000003906633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.831ea81bdf223c592022-01-11 12:18:38.089root 11241100x80000000000000003906634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abf6fa19936a10842022-01-11 12:18:38.089root 11241100x80000000000000003906635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af56e7dedd2c473a2022-01-11 12:18:38.089root 11241100x80000000000000003906636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe6aff060dd769392022-01-11 12:18:38.089root 11241100x80000000000000003906637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.819a37a496a16e672022-01-11 12:18:38.089root 11241100x80000000000000003906638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2812dba6d752c0a22022-01-11 12:18:38.089root 11241100x80000000000000003906639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd234548a3b48a442022-01-11 12:18:38.090root 11241100x80000000000000003906640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62d23faa83ca1d882022-01-11 12:18:38.090root 11241100x80000000000000003906641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18af8b2af501d3292022-01-11 12:18:38.090root 11241100x80000000000000003906642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a83a5b892ed7babd2022-01-11 12:18:38.090root 11241100x80000000000000003906643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b20e31fafdfd5de2022-01-11 12:18:38.090root 11241100x80000000000000003906644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae8233d58f5b89ac2022-01-11 12:18:38.090root 11241100x80000000000000003906645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fd3ba03bc68f3182022-01-11 12:18:38.584root 11241100x80000000000000003906646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a7b9e11c4e113a22022-01-11 12:18:38.584root 11241100x80000000000000003906647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2edc6124a2d594bc2022-01-11 12:18:38.584root 11241100x80000000000000003906648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e64d9454c0e0d4f22022-01-11 12:18:38.584root 11241100x80000000000000003906649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56241c5394fbd2752022-01-11 12:18:38.584root 11241100x80000000000000003906650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33daf54aefc3c7672022-01-11 12:18:38.584root 11241100x80000000000000003906651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65efdb78b7d829672022-01-11 12:18:38.584root 11241100x80000000000000003906652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f5bf30d0c0b3a062022-01-11 12:18:38.584root 11241100x80000000000000003906653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa95c315ac3c1c0d2022-01-11 12:18:38.584root 11241100x80000000000000003906654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ddfb942e90c85cd2022-01-11 12:18:38.584root 11241100x80000000000000003906655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3159ce68127017be2022-01-11 12:18:38.585root 11241100x80000000000000003906656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81ccf08afef464be2022-01-11 12:18:38.585root 11241100x80000000000000003906657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ad7aedf80d0fb5f2022-01-11 12:18:38.585root 11241100x80000000000000003906658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f89c194851cc7e22022-01-11 12:18:38.585root 11241100x80000000000000003906659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f23a112ce39fd37e2022-01-11 12:18:38.585root 11241100x80000000000000003906660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02ac9f43c538ffec2022-01-11 12:18:38.585root 11241100x80000000000000003906661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d8942a10b9541b72022-01-11 12:18:38.585root 11241100x80000000000000003906662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b66bd9d2b4780c92022-01-11 12:18:38.585root 11241100x80000000000000003906663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f54af0e5ea20fd72022-01-11 12:18:38.585root 11241100x80000000000000003906664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42d57e1ea2961d4c2022-01-11 12:18:38.586root 11241100x80000000000000003906665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69c1392b44e39d012022-01-11 12:18:38.586root 11241100x80000000000000003906666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53cf4786b118104c2022-01-11 12:18:38.586root 11241100x80000000000000003906667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0447306d0e1c6a12022-01-11 12:18:38.586root 11241100x80000000000000003906668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ba7af7a4ac300be2022-01-11 12:18:38.586root 11241100x80000000000000003906669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e82f17b3de9d49552022-01-11 12:18:38.586root 11241100x80000000000000003906670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c759675b42e3de22022-01-11 12:18:38.586root 11241100x80000000000000003906671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb876ee6b89555b52022-01-11 12:18:38.586root 11241100x80000000000000003906672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae41ec68e5df489f2022-01-11 12:18:38.586root 11241100x80000000000000003906673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edd56295116e25c82022-01-11 12:18:38.586root 11241100x80000000000000003906674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.495795e4a71417c92022-01-11 12:18:39.083root 11241100x80000000000000003906675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f3980ecce8e01422022-01-11 12:18:39.083root 11241100x80000000000000003906676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b9bc447d2ac45d32022-01-11 12:18:39.084root 11241100x80000000000000003906677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec22150c86764caf2022-01-11 12:18:39.084root 11241100x80000000000000003906678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a8927bd682f5a042022-01-11 12:18:39.084root 11241100x80000000000000003906679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a67730593bdff48e2022-01-11 12:18:39.084root 11241100x80000000000000003906680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7a1eda070c4b17d2022-01-11 12:18:39.084root 11241100x80000000000000003906681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ceb681bdc0269442022-01-11 12:18:39.084root 11241100x80000000000000003906682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f10101557b855372022-01-11 12:18:39.084root 11241100x80000000000000003906683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f18572ca25694552022-01-11 12:18:39.084root 11241100x80000000000000003906684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d994b97a903eed032022-01-11 12:18:39.084root 11241100x80000000000000003906685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b90dd2531a7ee1a2022-01-11 12:18:39.084root 11241100x80000000000000003906686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a12da91b0e7e0ad2022-01-11 12:18:39.084root 11241100x80000000000000003906687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6542b2c25e2f7922022-01-11 12:18:39.085root 11241100x80000000000000003906688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff2641967cbfc8812022-01-11 12:18:39.085root 11241100x80000000000000003906689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b8485a454981cb52022-01-11 12:18:39.085root 11241100x80000000000000003906690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d862381c53a9b34e2022-01-11 12:18:39.085root 11241100x80000000000000003906691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0979813ca129586b2022-01-11 12:18:39.085root 11241100x80000000000000003906692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cce978d362ae1032022-01-11 12:18:39.085root 11241100x80000000000000003906693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d8755b3bfc20fa12022-01-11 12:18:39.085root 11241100x80000000000000003906694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43b2f04c986711e62022-01-11 12:18:39.085root 11241100x80000000000000003906695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f70a7a38a848be92022-01-11 12:18:39.085root 11241100x80000000000000003906696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9d6903e150dbe8d2022-01-11 12:18:39.085root 11241100x80000000000000003906697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f34b6e4e7cfa85022022-01-11 12:18:39.085root 11241100x80000000000000003906698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a8b285e0629846a2022-01-11 12:18:39.086root 11241100x80000000000000003906699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17b2efd0a5bd6fb02022-01-11 12:18:39.086root 11241100x80000000000000003906700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e2472fc62d65b362022-01-11 12:18:39.086root 11241100x80000000000000003906701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.531f2267115965bc2022-01-11 12:18:39.086root 11241100x80000000000000003906702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1eb99c4b1cc88ab02022-01-11 12:18:39.086root 11241100x80000000000000003906703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0811931e78a164c2022-01-11 12:18:39.086root 11241100x80000000000000003906704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ed0578c8cdc7cf72022-01-11 12:18:39.087root 11241100x80000000000000003906705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b231554ae5ef69f12022-01-11 12:18:39.087root 11241100x80000000000000003906706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7470dd97ab177ec62022-01-11 12:18:39.087root 11241100x80000000000000003906707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd099280572fc2b42022-01-11 12:18:39.087root 11241100x80000000000000003906708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5f6d6a9fb7b93b12022-01-11 12:18:39.087root 11241100x80000000000000003906709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ad49be3a50cf3672022-01-11 12:18:39.088root 11241100x80000000000000003906710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c8582e005addf4d2022-01-11 12:18:39.088root 11241100x80000000000000003906711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2685cf37db7fef5c2022-01-11 12:18:39.088root 11241100x80000000000000003906712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.129cf18b5a5b114b2022-01-11 12:18:39.088root 11241100x80000000000000003906713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d35ab0bbc2512e952022-01-11 12:18:39.088root 11241100x80000000000000003906714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50d33188e05c04322022-01-11 12:18:39.088root 11241100x80000000000000003906715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.863cfce51bdc2a3b2022-01-11 12:18:39.089root 11241100x80000000000000003906716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e14bf2ca044d56192022-01-11 12:18:39.089root 11241100x80000000000000003906717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53a8d2e8231a8a8d2022-01-11 12:18:39.089root 11241100x80000000000000003906718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0114046404d71b32022-01-11 12:18:39.089root 11241100x80000000000000003906719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15f00e8e0c36c0ec2022-01-11 12:18:39.584root 11241100x80000000000000003906720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fd8df3342a16b402022-01-11 12:18:39.584root 11241100x80000000000000003906721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac75d5dde782f9932022-01-11 12:18:39.584root 11241100x80000000000000003906722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91aa90a5c07fc56e2022-01-11 12:18:39.584root 11241100x80000000000000003906723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d90a4873a5624d5d2022-01-11 12:18:39.584root 11241100x80000000000000003906724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ecc5f932671d2b02022-01-11 12:18:39.584root 11241100x80000000000000003906725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0692f695de8b72dd2022-01-11 12:18:39.584root 11241100x80000000000000003906726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e906bb2418ad7592022-01-11 12:18:39.584root 11241100x80000000000000003906727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56376e34c1757c692022-01-11 12:18:39.584root 11241100x80000000000000003906728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6509990a442f4f3e2022-01-11 12:18:39.584root 11241100x80000000000000003906729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.637556add72c2f8b2022-01-11 12:18:39.585root 11241100x80000000000000003906730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0ad4807816cbf302022-01-11 12:18:39.585root 11241100x80000000000000003906731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d6b3936e9ac3b512022-01-11 12:18:39.585root 11241100x80000000000000003906732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37bd6f64fd2753ed2022-01-11 12:18:39.585root 11241100x80000000000000003906733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c29d130ea43603092022-01-11 12:18:39.585root 11241100x80000000000000003906734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.febaaccc90b21ab22022-01-11 12:18:39.585root 11241100x80000000000000003906735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3de5170f91bf8382022-01-11 12:18:39.585root 11241100x80000000000000003906736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1642bd4b30224ab02022-01-11 12:18:39.585root 11241100x80000000000000003906737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.400d00a270ee8ea72022-01-11 12:18:39.585root 11241100x80000000000000003906738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6332eda431eab3542022-01-11 12:18:39.585root 11241100x80000000000000003906739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55c39181d896684e2022-01-11 12:18:39.585root 11241100x80000000000000003906740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6714d53aa6a15a4b2022-01-11 12:18:39.586root 11241100x80000000000000003906741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ad11699d14cebff2022-01-11 12:18:39.586root 11241100x80000000000000003906742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5aa7dcaf5c3fad312022-01-11 12:18:39.586root 11241100x80000000000000003906743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9387633fe735a4d42022-01-11 12:18:39.586root 11241100x80000000000000003906744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96f3cdad54304b262022-01-11 12:18:39.586root 11241100x80000000000000003906745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5f258a034ec16422022-01-11 12:18:39.586root 11241100x80000000000000003906746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c38b1da5b154c0892022-01-11 12:18:39.586root 11241100x80000000000000003906747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f20ab018e64bae22022-01-11 12:18:39.586root 11241100x80000000000000003906748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb64f28fc89fa4172022-01-11 12:18:39.586root 11241100x80000000000000003906749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf7744d48cf824c32022-01-11 12:18:39.586root 11241100x80000000000000003906750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8663df081830b2102022-01-11 12:18:40.084root 11241100x80000000000000003906751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0730565510413082022-01-11 12:18:40.084root 11241100x80000000000000003906752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e19f94d4a23ab142022-01-11 12:18:40.084root 11241100x80000000000000003906753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b46bf1b2b80369e2022-01-11 12:18:40.084root 11241100x80000000000000003906754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.963f17ea7122fa942022-01-11 12:18:40.085root 11241100x80000000000000003906755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae87880716140eab2022-01-11 12:18:40.085root 11241100x80000000000000003906756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b87d3aec647b8442022-01-11 12:18:40.085root 11241100x80000000000000003906757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b52815cbae553a52022-01-11 12:18:40.085root 11241100x80000000000000003906758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2119ec196e2b25de2022-01-11 12:18:40.085root 11241100x80000000000000003906759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a7372e9d50564532022-01-11 12:18:40.085root 11241100x80000000000000003906760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8f11f806813c86a2022-01-11 12:18:40.085root 11241100x80000000000000003906761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e91b077e387dca22022-01-11 12:18:40.085root 11241100x80000000000000003906762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1ea419b36b51ec12022-01-11 12:18:40.085root 11241100x80000000000000003906763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9441313dbd9f80a22022-01-11 12:18:40.085root 11241100x80000000000000003906764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e6fd64ae8d964a22022-01-11 12:18:40.085root 11241100x80000000000000003906765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27367569c79c84762022-01-11 12:18:40.085root 11241100x80000000000000003906766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a5a6bec8e8c5f9a2022-01-11 12:18:40.085root 11241100x80000000000000003906767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daced309583799472022-01-11 12:18:40.086root 11241100x80000000000000003906768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a4b386986f33e9b2022-01-11 12:18:40.086root 11241100x80000000000000003906769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f65f7c0f8a2c75362022-01-11 12:18:40.086root 11241100x80000000000000003906770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a218a76db1b7ad12022-01-11 12:18:40.086root 11241100x80000000000000003906771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d320dcd30d2ae2462022-01-11 12:18:40.086root 11241100x80000000000000003906772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.947a6f2380dd24ff2022-01-11 12:18:40.086root 11241100x80000000000000003906773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daf65d6d775c59122022-01-11 12:18:40.086root 11241100x80000000000000003906774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7aa0c2ff7e1b82e82022-01-11 12:18:40.086root 11241100x80000000000000003906775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f0b514966fbce372022-01-11 12:18:40.086root 11241100x80000000000000003906776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dee4569cb4638c812022-01-11 12:18:40.086root 11241100x80000000000000003906777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6c91b442a2d0a122022-01-11 12:18:40.086root 354300x80000000000000003906778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.206{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56252-false10.0.1.12-8000- 154100x80000000000000003906779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.447{ec2d504d-75a0-61dd-68f4-4cf280550000}9855/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/4046root{ec2d504d-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}2402--- 11241100x80000000000000003906780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.448{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2f03503a90959ce2022-01-11 12:18:40.448root 11241100x80000000000000003906781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.448{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0089c34428c74d6b2022-01-11 12:18:40.448root 11241100x80000000000000003906782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.449{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af080ef04f19e1bf2022-01-11 12:18:40.449root 11241100x80000000000000003906783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.449{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7527b912dc3b99842022-01-11 12:18:40.449root 11241100x80000000000000003906784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.449{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09c45a49c13126162022-01-11 12:18:40.449root 11241100x80000000000000003906785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.449{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd9b04588c200c432022-01-11 12:18:40.449root 11241100x80000000000000003906786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.449{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afc74da79de5a1472022-01-11 12:18:40.449root 11241100x80000000000000003906787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.450{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42844d729791243b2022-01-11 12:18:40.450root 11241100x80000000000000003906788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.450{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1cc4c580d2d42ab2022-01-11 12:18:40.450root 11241100x80000000000000003906789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.450{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90574f8d8fd3996b2022-01-11 12:18:40.450root 11241100x80000000000000003906790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.450{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9876188fd8275e2c2022-01-11 12:18:40.450root 11241100x80000000000000003906791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.450{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff848cf818573cee2022-01-11 12:18:40.450root 11241100x80000000000000003906792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.450{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d9c72fbd81934172022-01-11 12:18:40.450root 11241100x80000000000000003906793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.450{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fdd5793c2ad6e4b2022-01-11 12:18:40.450root 11241100x80000000000000003906794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ea7ca92ff46c2652022-01-11 12:18:40.451root 11241100x80000000000000003906795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e578b6ed2b16ddcd2022-01-11 12:18:40.451root 11241100x80000000000000003906796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f091d4b8c2a7ff2d2022-01-11 12:18:40.451root 11241100x80000000000000003906797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72c74bf4b52859e42022-01-11 12:18:40.451root 11241100x80000000000000003906798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6980f1d484e642bc2022-01-11 12:18:40.451root 11241100x80000000000000003906799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e588d8495dc9d59d2022-01-11 12:18:40.451root 11241100x80000000000000003906800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b333f949e98cef82022-01-11 12:18:40.451root 11241100x80000000000000003906801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4867791068d6f252022-01-11 12:18:40.451root 11241100x80000000000000003906802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf18c89a9697cd262022-01-11 12:18:40.451root 11241100x80000000000000003906803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.348d063e7a5392972022-01-11 12:18:40.452root 11241100x80000000000000003906804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a7e24f9f881b4602022-01-11 12:18:40.452root 11241100x80000000000000003906805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79dd84e1189bcf202022-01-11 12:18:40.452root 11241100x80000000000000003906806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97ef0e35cda0b4042022-01-11 12:18:40.452root 11241100x80000000000000003906807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed3a3fa76cc055212022-01-11 12:18:40.452root 11241100x80000000000000003906808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68d306cdc8196f932022-01-11 12:18:40.452root 11241100x80000000000000003906809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85bae735b0de9a312022-01-11 12:18:40.452root 11241100x80000000000000003906810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cf1e01a3821596c2022-01-11 12:18:40.452root 11241100x80000000000000003906811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f2bf28670a1c5542022-01-11 12:18:40.452root 11241100x80000000000000003906812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43f3f001596ca9742022-01-11 12:18:40.452root 11241100x80000000000000003906813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8983ed0af9a05a3a2022-01-11 12:18:40.452root 11241100x80000000000000003906814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc2bd9de46be1fa02022-01-11 12:18:40.452root 11241100x80000000000000003906815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.453{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4dbd8206a4c048672022-01-11 12:18:40.453root 11241100x80000000000000003906816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.453{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4949b998217d1342022-01-11 12:18:40.453root 11241100x80000000000000003906817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.453{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7619e39ae5af9a72022-01-11 12:18:40.453root 11241100x80000000000000003906818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.453{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c13f9262b13c38a52022-01-11 12:18:40.453root 11241100x80000000000000003906819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.453{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63ab56daf1333c432022-01-11 12:18:40.453root 11241100x80000000000000003906820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.453{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4ede8f3f8aca2dc2022-01-11 12:18:40.453root 534500x80000000000000003906821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.460{ec2d504d-75a0-61dd-68f4-4cf280550000}9855/bin/psroot 11241100x80000000000000003906822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44086c74ba00d7f82022-01-11 12:18:40.833root 11241100x80000000000000003906823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c8d6478a0e0668d2022-01-11 12:18:40.834root 11241100x80000000000000003906824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.add7328b133ff3e52022-01-11 12:18:40.834root 11241100x80000000000000003906825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d9f9193a28e0cc22022-01-11 12:18:40.834root 11241100x80000000000000003906826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d2232fe86365d92022-01-11 12:18:40.834root 11241100x80000000000000003906827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95cbd3df4d13bff72022-01-11 12:18:40.834root 11241100x80000000000000003906828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98bc88825484d24c2022-01-11 12:18:40.834root 11241100x80000000000000003906829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48257409da3989c32022-01-11 12:18:40.834root 11241100x80000000000000003906830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adca1814770f5cb92022-01-11 12:18:40.834root 11241100x80000000000000003906831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f4cc577930d55872022-01-11 12:18:40.834root 11241100x80000000000000003906832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be41620b514a9d052022-01-11 12:18:40.835root 11241100x80000000000000003906833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e61eabbb387e9ef2022-01-11 12:18:40.835root 11241100x80000000000000003906834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.968a241deab17d582022-01-11 12:18:40.835root 11241100x80000000000000003906835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1943c2a8be97b8d72022-01-11 12:18:40.835root 11241100x80000000000000003906836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d4d7badcecd40dd2022-01-11 12:18:40.835root 11241100x80000000000000003906837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee7eb1ae84138e432022-01-11 12:18:40.835root 11241100x80000000000000003906838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e85566adebe931802022-01-11 12:18:40.835root 11241100x80000000000000003906839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e0697c68a375ff82022-01-11 12:18:40.835root 11241100x80000000000000003906840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.424bb69843aee8322022-01-11 12:18:40.835root 11241100x80000000000000003906841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c278a023381ef6f12022-01-11 12:18:40.836root 11241100x80000000000000003906842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51f138ce220a97fa2022-01-11 12:18:40.836root 11241100x80000000000000003906843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.605455c04cd645d02022-01-11 12:18:40.836root 11241100x80000000000000003906844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8f84ff758c75bb82022-01-11 12:18:40.836root 11241100x80000000000000003906845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed526e09735892aa2022-01-11 12:18:40.836root 11241100x80000000000000003906846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.854acdbb05596ad22022-01-11 12:18:40.836root 11241100x80000000000000003906847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45b04adc8f8711552022-01-11 12:18:40.836root 11241100x80000000000000003906848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba4aabcba910943b2022-01-11 12:18:40.836root 11241100x80000000000000003906849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.103f6d333f3db57a2022-01-11 12:18:40.836root 11241100x80000000000000003906850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5c677847529448d2022-01-11 12:18:40.836root 11241100x80000000000000003906851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6888b0e69be46592022-01-11 12:18:40.836root 11241100x80000000000000003906852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f8b2a506284c03f2022-01-11 12:18:40.836root 11241100x80000000000000003906853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e8c05074c3c79402022-01-11 12:18:40.836root 11241100x80000000000000003906854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b784762756f580bb2022-01-11 12:18:40.836root 11241100x80000000000000003906855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17cf43f8c90c2be82022-01-11 12:18:41.334root 11241100x80000000000000003906856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea7e58fe3ffcf6122022-01-11 12:18:41.334root 11241100x80000000000000003906857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd2584c1f909f25a2022-01-11 12:18:41.334root 11241100x80000000000000003906858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56f54bdd1c0e01692022-01-11 12:18:41.334root 11241100x80000000000000003906859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ace46ec6e4075712022-01-11 12:18:41.334root 11241100x80000000000000003906860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88ed816321fdbd252022-01-11 12:18:41.334root 11241100x80000000000000003906861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95bc933f9d71cd912022-01-11 12:18:41.334root 11241100x80000000000000003906862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.703f4fd14a1bb0432022-01-11 12:18:41.334root 11241100x80000000000000003906863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e9066b138be61212022-01-11 12:18:41.335root 11241100x80000000000000003906864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.047c7a02215887932022-01-11 12:18:41.335root 11241100x80000000000000003906865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.677b95edf27011ac2022-01-11 12:18:41.335root 11241100x80000000000000003906866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ddc20861fadf82e2022-01-11 12:18:41.335root 11241100x80000000000000003906867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61ad132ef8366b472022-01-11 12:18:41.335root 11241100x80000000000000003906868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6cc9d421671c85b2022-01-11 12:18:41.335root 11241100x80000000000000003906869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76a7bf65969030052022-01-11 12:18:41.335root 11241100x80000000000000003906870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d09ec75b90316d82022-01-11 12:18:41.335root 11241100x80000000000000003906871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5da0dbf1b2b639ca2022-01-11 12:18:41.335root 11241100x80000000000000003906872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4302e2f2c006e7412022-01-11 12:18:41.335root 11241100x80000000000000003906873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c0483c43aeae9002022-01-11 12:18:41.335root 11241100x80000000000000003906874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ecf506bcc69aa772022-01-11 12:18:41.335root 11241100x80000000000000003906875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e592a1820d8dc4b2022-01-11 12:18:41.335root 11241100x80000000000000003906876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fe451e1b738cbe12022-01-11 12:18:41.336root 11241100x80000000000000003906877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.095c802eb7a88d2d2022-01-11 12:18:41.336root 11241100x80000000000000003906878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8998fb90c84f77142022-01-11 12:18:41.336root 11241100x80000000000000003906879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2db39d3a082f76452022-01-11 12:18:41.336root 11241100x80000000000000003906880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52a11b509d22b6632022-01-11 12:18:41.336root 11241100x80000000000000003906881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ddae257236759c72022-01-11 12:18:41.336root 11241100x80000000000000003906882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d482a3161a97690d2022-01-11 12:18:41.336root 11241100x80000000000000003906883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21f3f086383968e02022-01-11 12:18:41.336root 11241100x80000000000000003906884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60fcb89258cbc9312022-01-11 12:18:41.336root 11241100x80000000000000003906885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4d92992a974d4692022-01-11 12:18:41.336root 11241100x80000000000000003906886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2494594fdcef30982022-01-11 12:18:41.834root 11241100x80000000000000003906887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b748cc6b0c7effe82022-01-11 12:18:41.834root 11241100x80000000000000003906888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cabc41b2990fceb52022-01-11 12:18:41.834root 11241100x80000000000000003906889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c74a8c4922cead42022-01-11 12:18:41.834root 11241100x80000000000000003906890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55c1e53e5961d0952022-01-11 12:18:41.834root 11241100x80000000000000003906891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.331a94e73b06a6942022-01-11 12:18:41.835root 11241100x80000000000000003906892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc63de55c74f2fb32022-01-11 12:18:41.835root 11241100x80000000000000003906893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c0d7820b3f1538c2022-01-11 12:18:41.835root 11241100x80000000000000003906894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b80c16aceb1293c82022-01-11 12:18:41.835root 11241100x80000000000000003906895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efdcd8e2d8b2c4452022-01-11 12:18:41.835root 11241100x80000000000000003906896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8ed94c66159ba1f2022-01-11 12:18:41.835root 11241100x80000000000000003906897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e1d5c50b161400c2022-01-11 12:18:41.835root 11241100x80000000000000003906898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d09bc51763002312022-01-11 12:18:41.835root 11241100x80000000000000003906899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d42e79b3c0f91e4f2022-01-11 12:18:41.835root 11241100x80000000000000003906900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a761cf344c8f8c012022-01-11 12:18:41.835root 11241100x80000000000000003906901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93796b23ad2c7da12022-01-11 12:18:41.835root 11241100x80000000000000003906902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a665c23ef7bd4792022-01-11 12:18:41.835root 11241100x80000000000000003906903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1fd361b471070582022-01-11 12:18:41.835root 11241100x80000000000000003906904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a335df643ed2e1b2022-01-11 12:18:41.835root 11241100x80000000000000003906905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91476b2ed62c45ba2022-01-11 12:18:41.836root 11241100x80000000000000003906906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3b1d501a41098202022-01-11 12:18:41.836root 11241100x80000000000000003906907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64aeda4a7ff27db32022-01-11 12:18:41.836root 11241100x80000000000000003906908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0113673ac08b536f2022-01-11 12:18:41.836root 11241100x80000000000000003906909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.177cd40154e9eff22022-01-11 12:18:41.836root 11241100x80000000000000003906910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0220a9d33609011b2022-01-11 12:18:41.836root 11241100x80000000000000003906911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8872856e1492fdad2022-01-11 12:18:41.836root 11241100x80000000000000003906912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a222af1631f8a0872022-01-11 12:18:41.836root 11241100x80000000000000003906913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc330eba104ee71c2022-01-11 12:18:41.836root 11241100x80000000000000003906914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf52df779ff5c1612022-01-11 12:18:41.836root 11241100x80000000000000003906915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3930183bffa923832022-01-11 12:18:41.836root 11241100x80000000000000003906916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f613852ac4fca2482022-01-11 12:18:41.836root 11241100x80000000000000003906917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc4ac66101b2830c2022-01-11 12:18:42.334root 11241100x80000000000000003906918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.320f8442a71e39172022-01-11 12:18:42.334root 11241100x80000000000000003906919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5d4ce2b7e2b18d02022-01-11 12:18:42.334root 11241100x80000000000000003906920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.298133d572dd01d52022-01-11 12:18:42.334root 11241100x80000000000000003906921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12e7a40621ac83ba2022-01-11 12:18:42.334root 11241100x80000000000000003906922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d68cec1ceb9fb3432022-01-11 12:18:42.334root 11241100x80000000000000003906923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b46ced6e5dc479122022-01-11 12:18:42.334root 11241100x80000000000000003906924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6262376d137ba03a2022-01-11 12:18:42.334root 11241100x80000000000000003906925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f663fb998a337482022-01-11 12:18:42.334root 11241100x80000000000000003906926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3b02ed5f507dc102022-01-11 12:18:42.334root 11241100x80000000000000003906927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aab2ff9e793d08a02022-01-11 12:18:42.335root 11241100x80000000000000003906928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.970e3b5dba3e3a042022-01-11 12:18:42.335root 11241100x80000000000000003906929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c7cda2d660bbc652022-01-11 12:18:42.335root 11241100x80000000000000003906930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccd7fe33fbf0dd892022-01-11 12:18:42.335root 11241100x80000000000000003906931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0508f27044ab6cae2022-01-11 12:18:42.335root 11241100x80000000000000003906932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45bf407ba49eda532022-01-11 12:18:42.335root 11241100x80000000000000003906933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.798f0eb3aeeb05b62022-01-11 12:18:42.335root 11241100x80000000000000003906934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ee3a88ff3395c8b2022-01-11 12:18:42.335root 11241100x80000000000000003906935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8f1cddae07216c42022-01-11 12:18:42.335root 11241100x80000000000000003906936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2ea285eaa8f137b2022-01-11 12:18:42.335root 11241100x80000000000000003906937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2856f6f0c74b9632022-01-11 12:18:42.335root 11241100x80000000000000003906938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.555a22572b86e4d82022-01-11 12:18:42.335root 11241100x80000000000000003906939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07b518e924adf0562022-01-11 12:18:42.335root 11241100x80000000000000003906940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fbf066e8c2fe7192022-01-11 12:18:42.335root 11241100x80000000000000003906941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.feb3466285deefb32022-01-11 12:18:42.335root 11241100x80000000000000003906942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b14fa4303819f91d2022-01-11 12:18:42.336root 11241100x80000000000000003906943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47cc778753b890562022-01-11 12:18:42.336root 11241100x80000000000000003906944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b369cde3ab7f2f52022-01-11 12:18:42.336root 11241100x80000000000000003906945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d592ddd53ca22642022-01-11 12:18:42.336root 11241100x80000000000000003906946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b75ad830f1c74752022-01-11 12:18:42.336root 11241100x80000000000000003906947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.479f43fb9a957c882022-01-11 12:18:42.336root 11241100x80000000000000003906948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b772dc501a0c46e2022-01-11 12:18:42.834root 11241100x80000000000000003906949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.414defee8e96717f2022-01-11 12:18:42.834root 11241100x80000000000000003906950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f3220873c6284a52022-01-11 12:18:42.834root 11241100x80000000000000003906951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53714d221204309c2022-01-11 12:18:42.834root 11241100x80000000000000003906952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96e0b559cd50f0662022-01-11 12:18:42.834root 11241100x80000000000000003906953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0043b1d926f08c6e2022-01-11 12:18:42.834root 11241100x80000000000000003906954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3f19450b3e4a3eb2022-01-11 12:18:42.834root 11241100x80000000000000003906955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64c3d858364b5a152022-01-11 12:18:42.834root 11241100x80000000000000003906956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00dccd4bbc9b3a752022-01-11 12:18:42.834root 11241100x80000000000000003906957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13e5481d95ab559d2022-01-11 12:18:42.835root 11241100x80000000000000003906958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f02b0560eb1bd8102022-01-11 12:18:42.835root 11241100x80000000000000003906959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09657e944d2686292022-01-11 12:18:42.835root 11241100x80000000000000003906960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaf577a522882e802022-01-11 12:18:42.835root 11241100x80000000000000003906961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0298546423bb85f42022-01-11 12:18:42.835root 11241100x80000000000000003906962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dee24ee79e5819802022-01-11 12:18:42.835root 11241100x80000000000000003906963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4578512119089a782022-01-11 12:18:42.835root 11241100x80000000000000003906964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc9c170fb654331a2022-01-11 12:18:42.835root 11241100x80000000000000003906965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f34563020bf82a4c2022-01-11 12:18:42.835root 11241100x80000000000000003906966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f2f80d1c3b59b852022-01-11 12:18:42.835root 11241100x80000000000000003906967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16a108bcf5a0d4792022-01-11 12:18:42.836root 11241100x80000000000000003906968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6427b5300a99dde52022-01-11 12:18:42.836root 11241100x80000000000000003906969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75046905824930902022-01-11 12:18:42.836root 11241100x80000000000000003906970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d0a02ad1f43358d2022-01-11 12:18:42.836root 11241100x80000000000000003906971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39c2eeec7c7651042022-01-11 12:18:42.836root 11241100x80000000000000003906972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68f4a7347e3628632022-01-11 12:18:42.836root 11241100x80000000000000003906973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0db95e1fea0d3152022-01-11 12:18:42.836root 11241100x80000000000000003906974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e87d39601187f492022-01-11 12:18:42.836root 11241100x80000000000000003906975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8680054eba8fa84c2022-01-11 12:18:42.836root 11241100x80000000000000003906976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b6db2663075271c2022-01-11 12:18:42.836root 11241100x80000000000000003906977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.243c8083327445ab2022-01-11 12:18:42.836root 11241100x80000000000000003906978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7b57d8e194759fe2022-01-11 12:18:42.837root 11241100x80000000000000003906979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0233207326dda07e2022-01-11 12:18:43.334root 11241100x80000000000000003906980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cba6f15b7db1deac2022-01-11 12:18:43.334root 11241100x80000000000000003906981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.706121ba731f00272022-01-11 12:18:43.335root 11241100x80000000000000003906982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47290d76b368c6a92022-01-11 12:18:43.335root 11241100x80000000000000003906983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f39a7a3f68b579382022-01-11 12:18:43.335root 11241100x80000000000000003906984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.246032029ed5e9832022-01-11 12:18:43.337root 11241100x80000000000000003906985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9c9c6dd0ec1d0c52022-01-11 12:18:43.337root 11241100x80000000000000003906986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22b612e6bf1de9252022-01-11 12:18:43.337root 11241100x80000000000000003906987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5e7bb76cb9d0ed72022-01-11 12:18:43.337root 11241100x80000000000000003906988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c35d206146e200302022-01-11 12:18:43.337root 11241100x80000000000000003906989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f31e4da6542d0fc92022-01-11 12:18:43.337root 11241100x80000000000000003906990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37f796e5b4fe8fec2022-01-11 12:18:43.337root 11241100x80000000000000003906991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c03b6aeef8fe3a962022-01-11 12:18:43.337root 11241100x80000000000000003906992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a853eacb3d5581292022-01-11 12:18:43.337root 11241100x80000000000000003906993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a18d1b96e28ce8162022-01-11 12:18:43.337root 11241100x80000000000000003906994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee1dbf0fedb1085b2022-01-11 12:18:43.338root 11241100x80000000000000003906995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.673224f29cbc1b0d2022-01-11 12:18:43.338root 11241100x80000000000000003906996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.535448c4e7ed3a292022-01-11 12:18:43.338root 11241100x80000000000000003906997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cf7a2f67a7694312022-01-11 12:18:43.338root 11241100x80000000000000003906998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5d554fef04ee0052022-01-11 12:18:43.340root 11241100x80000000000000003906999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa6ef8f8a4319d6d2022-01-11 12:18:43.340root 11241100x80000000000000003907000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e3f79fbb470f4482022-01-11 12:18:43.340root 11241100x80000000000000003907001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6db1afd8072bf382022-01-11 12:18:43.340root 11241100x80000000000000003907002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e60a081374a792492022-01-11 12:18:43.340root 11241100x80000000000000003907003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.691ece336b5629172022-01-11 12:18:43.341root 11241100x80000000000000003907004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38077afb0a4a51432022-01-11 12:18:43.341root 11241100x80000000000000003907005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88ff94acfcf4d32f2022-01-11 12:18:43.341root 11241100x80000000000000003907006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddcdd0f1390650282022-01-11 12:18:43.341root 11241100x80000000000000003907007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a517356c4c23df42022-01-11 12:18:43.341root 11241100x80000000000000003907008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5717b94a9dbf87a2022-01-11 12:18:43.341root 11241100x80000000000000003907009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fab216b26b58c22a2022-01-11 12:18:43.341root 11241100x80000000000000003907010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ba31f3c7000b5fa2022-01-11 12:18:43.835root 11241100x80000000000000003907011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82bfcb3a467f7f692022-01-11 12:18:43.835root 11241100x80000000000000003907012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1baaff6bae9b822b2022-01-11 12:18:43.835root 11241100x80000000000000003907013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.366d5d68ff3f958a2022-01-11 12:18:43.835root 11241100x80000000000000003907014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e5b232e6d9b2daf2022-01-11 12:18:43.835root 11241100x80000000000000003907015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67983fb9bae315132022-01-11 12:18:43.836root 11241100x80000000000000003907016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba8e12503aff97142022-01-11 12:18:43.836root 11241100x80000000000000003907017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8101c2e216f29d02022-01-11 12:18:43.836root 11241100x80000000000000003907018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c47110541ec52b32022-01-11 12:18:43.836root 11241100x80000000000000003907019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6db6d74f8b7ec8222022-01-11 12:18:43.836root 11241100x80000000000000003907020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fc0bf893a9d8a572022-01-11 12:18:43.836root 11241100x80000000000000003907021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af69f3dc8e9a58472022-01-11 12:18:43.836root 11241100x80000000000000003907022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1f60da77ee3f4fa2022-01-11 12:18:43.837root 11241100x80000000000000003907023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43ba9c7d36fe6aa62022-01-11 12:18:43.837root 11241100x80000000000000003907024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38760166664df8962022-01-11 12:18:43.837root 11241100x80000000000000003907025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ab2f17b99d87f802022-01-11 12:18:43.837root 11241100x80000000000000003907026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1bb41a05dfb19b32022-01-11 12:18:43.837root 11241100x80000000000000003907027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.605a8bb5450a274e2022-01-11 12:18:43.837root 11241100x80000000000000003907028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.240d5e545ae7f6072022-01-11 12:18:43.837root 11241100x80000000000000003907029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bc97c2058fb5a6c2022-01-11 12:18:43.837root 11241100x80000000000000003907030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d467c158db33dc6d2022-01-11 12:18:43.837root 11241100x80000000000000003907031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.238a419488cec76a2022-01-11 12:18:43.837root 11241100x80000000000000003907032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5447f1cf4e7b1fc02022-01-11 12:18:43.838root 11241100x80000000000000003907033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10f6831c0af0184e2022-01-11 12:18:43.838root 11241100x80000000000000003907034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f8060f8e430022b2022-01-11 12:18:43.838root 11241100x80000000000000003907035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0969b51f5d018f682022-01-11 12:18:43.838root 11241100x80000000000000003907036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f5b569c4d4dd03a2022-01-11 12:18:43.838root 11241100x80000000000000003907037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7931e6d41811835f2022-01-11 12:18:43.838root 11241100x80000000000000003907038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61bdce7a459db0ed2022-01-11 12:18:43.839root 11241100x80000000000000003907039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d78e25f6da8f00562022-01-11 12:18:43.839root 11241100x80000000000000003907040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9af1557f1508884f2022-01-11 12:18:43.839root 11241100x80000000000000003907041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16a33176a931ce082022-01-11 12:18:44.334root 11241100x80000000000000003907042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6c6ad88afff52cb2022-01-11 12:18:44.334root 11241100x80000000000000003907043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dd5d0c6781f26d82022-01-11 12:18:44.335root 11241100x80000000000000003907044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdd11450ce43b7ff2022-01-11 12:18:44.335root 11241100x80000000000000003907045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eed7889ac2c690f52022-01-11 12:18:44.335root 11241100x80000000000000003907046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.500dd913de0f4cde2022-01-11 12:18:44.335root 11241100x80000000000000003907047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00debf284ae5f7bb2022-01-11 12:18:44.335root 11241100x80000000000000003907048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2fdc2e09f5a2cfc2022-01-11 12:18:44.335root 11241100x80000000000000003907049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81d7df0d254dd8c72022-01-11 12:18:44.335root 11241100x80000000000000003907050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77eeeb54ee0791c12022-01-11 12:18:44.335root 11241100x80000000000000003907051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fed10234a8a6a6ca2022-01-11 12:18:44.336root 11241100x80000000000000003907052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7514b5585f848962022-01-11 12:18:44.336root 11241100x80000000000000003907053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18b03685408b61e92022-01-11 12:18:44.336root 11241100x80000000000000003907054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c741796d6664af772022-01-11 12:18:44.336root 11241100x80000000000000003907055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3412e25728ac4b712022-01-11 12:18:44.336root 11241100x80000000000000003907056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee46cdf70a9e64ff2022-01-11 12:18:44.336root 11241100x80000000000000003907057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.728f02ee3736b8912022-01-11 12:18:44.336root 11241100x80000000000000003907058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9939fc804890273e2022-01-11 12:18:44.336root 11241100x80000000000000003907059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7444f022bf844bf22022-01-11 12:18:44.336root 11241100x80000000000000003907060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a60e31baf3e43ec2022-01-11 12:18:44.336root 11241100x80000000000000003907061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09788c7ac4e8df122022-01-11 12:18:44.336root 11241100x80000000000000003907062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ea2564516df308e2022-01-11 12:18:44.336root 11241100x80000000000000003907063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bb1b798f0c776d72022-01-11 12:18:44.336root 11241100x80000000000000003907064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a96d04fb417effc2022-01-11 12:18:44.337root 11241100x80000000000000003907065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97380ef1f666fe4c2022-01-11 12:18:44.337root 11241100x80000000000000003907066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65f1d1e55d15d1912022-01-11 12:18:44.337root 11241100x80000000000000003907067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ef2f0a0c727e7e62022-01-11 12:18:44.337root 11241100x80000000000000003907068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.735a4b77cdc4e6872022-01-11 12:18:44.337root 11241100x80000000000000003907069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d0e74141b746eea2022-01-11 12:18:44.337root 11241100x80000000000000003907070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd67fe62cfdb93602022-01-11 12:18:44.337root 11241100x80000000000000003907071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0458ca8d26b438c72022-01-11 12:18:44.337root 11241100x80000000000000003907072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91ce123815eadc1b2022-01-11 12:18:44.834root 11241100x80000000000000003907073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e140875afaf935d42022-01-11 12:18:44.834root 11241100x80000000000000003907074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.333b207ce042c7422022-01-11 12:18:44.835root 11241100x80000000000000003907075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.079746754d0d4b852022-01-11 12:18:44.835root 11241100x80000000000000003907076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.528d3779b66e8ada2022-01-11 12:18:44.835root 11241100x80000000000000003907077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c47759aefe7834bb2022-01-11 12:18:44.835root 11241100x80000000000000003907078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1924158a4aa7bd1c2022-01-11 12:18:44.835root 11241100x80000000000000003907079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442b66ae7c6960502022-01-11 12:18:44.835root 11241100x80000000000000003907080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd55714fe13643822022-01-11 12:18:44.835root 11241100x80000000000000003907081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fea81763ceb4a072022-01-11 12:18:44.835root 11241100x80000000000000003907082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3cf5ebc48761cb32022-01-11 12:18:44.835root 11241100x80000000000000003907083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d745f4802eae7562022-01-11 12:18:44.835root 11241100x80000000000000003907084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2ce904a0aad385c2022-01-11 12:18:44.835root 11241100x80000000000000003907085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69a8821eaaa20ae12022-01-11 12:18:44.835root 11241100x80000000000000003907086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbeaedaddf38302b2022-01-11 12:18:44.836root 11241100x80000000000000003907087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77deef164deed5892022-01-11 12:18:44.836root 11241100x80000000000000003907088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0fdc04abe31e43f2022-01-11 12:18:44.836root 11241100x80000000000000003907089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96633d57f43308ae2022-01-11 12:18:44.836root 11241100x80000000000000003907090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.059cbabfafa4dba92022-01-11 12:18:44.836root 11241100x80000000000000003907091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ea11aa62a0bb99e2022-01-11 12:18:44.836root 11241100x80000000000000003907092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40770e6c8728d1392022-01-11 12:18:44.836root 11241100x80000000000000003907093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.083aad4936116ab62022-01-11 12:18:44.836root 11241100x80000000000000003907094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.114c1c5afb9779892022-01-11 12:18:44.836root 11241100x80000000000000003907095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6908ec2c0163b6a22022-01-11 12:18:44.836root 11241100x80000000000000003907096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b511a7c1451a53b2022-01-11 12:18:44.836root 11241100x80000000000000003907097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f52db33a1acf819d2022-01-11 12:18:44.836root 11241100x80000000000000003907098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85c900e82294ca562022-01-11 12:18:44.836root 11241100x80000000000000003907099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56899574471afe2c2022-01-11 12:18:44.836root 11241100x80000000000000003907100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ba2ae7e001d5e1e2022-01-11 12:18:44.836root 11241100x80000000000000003907101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4faf3caae7b763022022-01-11 12:18:44.837root 11241100x80000000000000003907102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.998616d5ac889ec02022-01-11 12:18:44.837root 11241100x80000000000000003907103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af08b58d85837fff2022-01-11 12:18:45.334root 11241100x80000000000000003907104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffc3f08b7a53cfbf2022-01-11 12:18:45.334root 11241100x80000000000000003907105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.098a58ee89869cca2022-01-11 12:18:45.335root 11241100x80000000000000003907106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de75647a0583aafa2022-01-11 12:18:45.335root 11241100x80000000000000003907107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f3cd27a5dbbf9652022-01-11 12:18:45.335root 11241100x80000000000000003907108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09f7afb4c7de529f2022-01-11 12:18:45.335root 11241100x80000000000000003907109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.074ed7d827e086c02022-01-11 12:18:45.335root 11241100x80000000000000003907110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f4f91b296d5b7fe2022-01-11 12:18:45.335root 11241100x80000000000000003907111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62ecaacaa6a2359c2022-01-11 12:18:45.335root 11241100x80000000000000003907112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2814687e140fdb22022-01-11 12:18:45.335root 11241100x80000000000000003907113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0130b6c2afe6d27b2022-01-11 12:18:45.335root 11241100x80000000000000003907114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fcfa7ae87024a472022-01-11 12:18:45.335root 11241100x80000000000000003907115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2280d93a1b7b4f22022-01-11 12:18:45.335root 11241100x80000000000000003907116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcd9c57906237f612022-01-11 12:18:45.335root 11241100x80000000000000003907117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38f3e1c5bf5943372022-01-11 12:18:45.335root 11241100x80000000000000003907118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30ad426f74dd8f7c2022-01-11 12:18:45.335root 11241100x80000000000000003907119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1b267a259442eca2022-01-11 12:18:45.335root 11241100x80000000000000003907120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4c7bb19f4ff4eba2022-01-11 12:18:45.336root 11241100x80000000000000003907121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1b33f7b7472ae792022-01-11 12:18:45.336root 11241100x80000000000000003907122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52b447bab045714b2022-01-11 12:18:45.336root 11241100x80000000000000003907123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a344b02e5c3cf54e2022-01-11 12:18:45.336root 11241100x80000000000000003907124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3863c35bf96f50f2022-01-11 12:18:45.336root 11241100x80000000000000003907125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.676d2c7b915628222022-01-11 12:18:45.336root 11241100x80000000000000003907126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8bd886569938eac2022-01-11 12:18:45.336root 11241100x80000000000000003907127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0928012de6989f02022-01-11 12:18:45.336root 11241100x80000000000000003907128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32c0bab09455d8062022-01-11 12:18:45.336root 11241100x80000000000000003907129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb170fba7dc105482022-01-11 12:18:45.336root 11241100x80000000000000003907130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afaf1277a02a07a82022-01-11 12:18:45.337root 11241100x80000000000000003907131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22f110f26e170c962022-01-11 12:18:45.337root 11241100x80000000000000003907132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96cafe0680f6e73f2022-01-11 12:18:45.337root 11241100x80000000000000003907133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc5384374b8536b32022-01-11 12:18:45.337root 11241100x80000000000000003907134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.980dec2f5bc9b1272022-01-11 12:18:45.834root 11241100x80000000000000003907135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.866d4cf3beab00a92022-01-11 12:18:45.835root 11241100x80000000000000003907136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ff0e4c6f042cbba2022-01-11 12:18:45.835root 11241100x80000000000000003907137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa88296dd69842ae2022-01-11 12:18:45.835root 11241100x80000000000000003907138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96cbffd8686e6ab32022-01-11 12:18:45.835root 11241100x80000000000000003907139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2107f043f577afe62022-01-11 12:18:45.835root 11241100x80000000000000003907140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e253ddb0503fdcef2022-01-11 12:18:45.835root 11241100x80000000000000003907141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa868555eafbe26c2022-01-11 12:18:45.835root 11241100x80000000000000003907142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.511413c05cd2cb6f2022-01-11 12:18:45.835root 11241100x80000000000000003907143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55cf18044a32d7732022-01-11 12:18:45.835root 11241100x80000000000000003907144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5eaf6f9ae17d1132022-01-11 12:18:45.835root 11241100x80000000000000003907145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06d68faa3e4ac71a2022-01-11 12:18:45.835root 11241100x80000000000000003907146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.780af0d60b136d5b2022-01-11 12:18:45.835root 11241100x80000000000000003907147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.161ece275d2d3acb2022-01-11 12:18:45.835root 11241100x80000000000000003907148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69ccef8bfd9cddf32022-01-11 12:18:45.836root 11241100x80000000000000003907149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9e08edcbec4e1632022-01-11 12:18:45.836root 11241100x80000000000000003907150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f29efe85369237de2022-01-11 12:18:45.836root 11241100x80000000000000003907151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b5276cd5cbbd76b2022-01-11 12:18:45.836root 11241100x80000000000000003907152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbfe3546737d2e9a2022-01-11 12:18:45.836root 11241100x80000000000000003907153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df23aa4fec2e28d92022-01-11 12:18:45.836root 11241100x80000000000000003907154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b5fb9a313728d712022-01-11 12:18:45.836root 11241100x80000000000000003907155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ea2a4de68e43d952022-01-11 12:18:45.836root 11241100x80000000000000003907156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25287456aa40c1c62022-01-11 12:18:45.836root 11241100x80000000000000003907157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d690718de77a2302022-01-11 12:18:45.836root 11241100x80000000000000003907158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55da93df75b359f92022-01-11 12:18:45.836root 11241100x80000000000000003907159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e03ace0c615f21e2022-01-11 12:18:45.836root 11241100x80000000000000003907160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f884524aafd9ce32022-01-11 12:18:45.836root 11241100x80000000000000003907161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95cd5385db2efefe2022-01-11 12:18:45.837root 11241100x80000000000000003907162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bae7de1f971644ac2022-01-11 12:18:45.837root 11241100x80000000000000003907163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67e4457f7db9b4a22022-01-11 12:18:45.837root 11241100x80000000000000003907164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bd1afc5f62514942022-01-11 12:18:45.837root 354300x80000000000000003907165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.109{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56254-false10.0.1.12-8000- 11241100x80000000000000003907166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.110{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6d557b1b3e17f652022-01-11 12:18:46.110root 11241100x80000000000000003907167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.110{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7a82e5853333c7e2022-01-11 12:18:46.110root 11241100x80000000000000003907168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.111{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ab3e1deca2fbd3e2022-01-11 12:18:46.111root 11241100x80000000000000003907169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.111{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ad20e26091e70462022-01-11 12:18:46.111root 11241100x80000000000000003907170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.111{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4f01c5e028e4a742022-01-11 12:18:46.111root 11241100x80000000000000003907171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.111{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3857134cbdfff7b62022-01-11 12:18:46.111root 11241100x80000000000000003907172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.111{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9d3f753325a89a42022-01-11 12:18:46.111root 11241100x80000000000000003907173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.111{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc5d2d1a736e6e212022-01-11 12:18:46.111root 11241100x80000000000000003907174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11a78cb544c2e0d72022-01-11 12:18:46.112root 11241100x80000000000000003907175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dc52e4457753aa12022-01-11 12:18:46.112root 11241100x80000000000000003907176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1725918b86c817032022-01-11 12:18:46.112root 11241100x80000000000000003907177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f81238475f07fc52022-01-11 12:18:46.112root 11241100x80000000000000003907178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79bb31dc6c3a60c02022-01-11 12:18:46.112root 11241100x80000000000000003907179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6bbd623b46020ee2022-01-11 12:18:46.112root 11241100x80000000000000003907180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ca019b2a80b53ad2022-01-11 12:18:46.112root 11241100x80000000000000003907181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.827116864abc0c4c2022-01-11 12:18:46.112root 11241100x80000000000000003907182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6f80aaed0d193e32022-01-11 12:18:46.112root 11241100x80000000000000003907183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd0cf93ef2deca9f2022-01-11 12:18:46.112root 11241100x80000000000000003907184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.058fcdfb9b3e6a932022-01-11 12:18:46.113root 11241100x80000000000000003907185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06c6b184a374968f2022-01-11 12:18:46.113root 11241100x80000000000000003907186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0e1dd04aa2786fd2022-01-11 12:18:46.113root 11241100x80000000000000003907187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08fad1710da97a502022-01-11 12:18:46.113root 11241100x80000000000000003907188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52fd128c808703402022-01-11 12:18:46.113root 11241100x80000000000000003907189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c3e5cabfe52e4782022-01-11 12:18:46.113root 11241100x80000000000000003907190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9b021028ec7426d2022-01-11 12:18:46.113root 11241100x80000000000000003907191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.537cb62e2f488e042022-01-11 12:18:46.113root 11241100x80000000000000003907192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39442bfce89350172022-01-11 12:18:46.113root 11241100x80000000000000003907193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.114{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3872e8dde1155f4a2022-01-11 12:18:46.114root 11241100x80000000000000003907194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.114{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2abb078282817ae02022-01-11 12:18:46.114root 11241100x80000000000000003907195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.114{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d184884fda9f84d42022-01-11 12:18:46.114root 11241100x80000000000000003907196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.114{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cc146e80d460e0d2022-01-11 12:18:46.114root 11241100x80000000000000003907197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.114{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edc33c7c55c9f48e2022-01-11 12:18:46.114root 11241100x80000000000000003907198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.114{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1809a312a52c5c4b2022-01-11 12:18:46.114root 11241100x80000000000000003907199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01602d55051065f22022-01-11 12:18:46.583root 11241100x80000000000000003907200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.685b34924ab21a012022-01-11 12:18:46.583root 11241100x80000000000000003907201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f90cbf98b2fcb20f2022-01-11 12:18:46.583root 11241100x80000000000000003907202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abf09a1fb57da2a12022-01-11 12:18:46.583root 11241100x80000000000000003907203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae4ea88782eb745d2022-01-11 12:18:46.584root 11241100x80000000000000003907204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2c7569f38cbb6452022-01-11 12:18:46.584root 11241100x80000000000000003907205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7e84a5d5c2a1ae72022-01-11 12:18:46.584root 11241100x80000000000000003907206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fa79d5db96444312022-01-11 12:18:46.584root 11241100x80000000000000003907207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ffeba8ed74397a62022-01-11 12:18:46.584root 11241100x80000000000000003907208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d10d821cf81bca592022-01-11 12:18:46.584root 11241100x80000000000000003907209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ebb0146dddda4522022-01-11 12:18:46.584root 11241100x80000000000000003907210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2126af6a0c38fea62022-01-11 12:18:46.585root 11241100x80000000000000003907211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eeed4a9e360c8672022-01-11 12:18:46.585root 11241100x80000000000000003907212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4a1b41f002161092022-01-11 12:18:46.585root 11241100x80000000000000003907213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65e5848ab9a49a8c2022-01-11 12:18:46.585root 11241100x80000000000000003907214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c597570a4ccaf76e2022-01-11 12:18:46.585root 11241100x80000000000000003907215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.744df4fa2dc869562022-01-11 12:18:46.585root 11241100x80000000000000003907216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c67bd965f30f68a12022-01-11 12:18:46.585root 11241100x80000000000000003907217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52b0d3793a38e1132022-01-11 12:18:46.586root 11241100x80000000000000003907218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e0c6536351b8c1c2022-01-11 12:18:46.586root 11241100x80000000000000003907219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efa712f2bc86cd102022-01-11 12:18:46.586root 11241100x80000000000000003907220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70cfad6a69b74c712022-01-11 12:18:46.586root 11241100x80000000000000003907221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50f78d8b23fef6b12022-01-11 12:18:46.586root 11241100x80000000000000003907222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69aa4c958d4423cc2022-01-11 12:18:46.586root 11241100x80000000000000003907223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aac8867486ac61752022-01-11 12:18:46.587root 11241100x80000000000000003907224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.399f9c3dd500a7212022-01-11 12:18:46.587root 11241100x80000000000000003907225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a8861ef879d85cf2022-01-11 12:18:46.587root 11241100x80000000000000003907226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25bfe060255c40d42022-01-11 12:18:46.587root 11241100x80000000000000003907227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba46c155f98147232022-01-11 12:18:46.587root 11241100x80000000000000003907228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.609776b0e94941292022-01-11 12:18:46.587root 11241100x80000000000000003907229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b24232bb2ed57cd2022-01-11 12:18:46.588root 11241100x80000000000000003907230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d45a5b2d1aa7f862022-01-11 12:18:46.588root 11241100x80000000000000003907231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d742911a572bd2942022-01-11 12:18:47.083root 11241100x80000000000000003907232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64eed3e7a5db361b2022-01-11 12:18:47.083root 11241100x80000000000000003907233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bfe243f50c697d62022-01-11 12:18:47.084root 11241100x80000000000000003907234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.011941776ad360162022-01-11 12:18:47.084root 11241100x80000000000000003907235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45e756fdeb6091c02022-01-11 12:18:47.084root 11241100x80000000000000003907236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2f7c1dca4fd280c2022-01-11 12:18:47.084root 11241100x80000000000000003907237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd2e21632cab4f3b2022-01-11 12:18:47.085root 11241100x80000000000000003907238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5149cb65705d96982022-01-11 12:18:47.085root 11241100x80000000000000003907239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba5c7ffa067207b22022-01-11 12:18:47.085root 11241100x80000000000000003907240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86222356bf08f7042022-01-11 12:18:47.085root 11241100x80000000000000003907241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71527efd39a7ff642022-01-11 12:18:47.085root 11241100x80000000000000003907242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e186116db622f622022-01-11 12:18:47.085root 11241100x80000000000000003907243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb7071c73cb673722022-01-11 12:18:47.085root 11241100x80000000000000003907244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95d152d98f9e6e2b2022-01-11 12:18:47.086root 11241100x80000000000000003907245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b324c77bccf195a62022-01-11 12:18:47.086root 11241100x80000000000000003907246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02d056415c58616f2022-01-11 12:18:47.086root 11241100x80000000000000003907247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecc736d9f67690052022-01-11 12:18:47.086root 11241100x80000000000000003907248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daa2badb1935bceb2022-01-11 12:18:47.086root 11241100x80000000000000003907249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae794ded3b18d4ef2022-01-11 12:18:47.086root 11241100x80000000000000003907250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0828bac0d91397c72022-01-11 12:18:47.086root 11241100x80000000000000003907251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ae5b9375c7d02722022-01-11 12:18:47.087root 11241100x80000000000000003907252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c47192bf6042ed542022-01-11 12:18:47.087root 11241100x80000000000000003907253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d82a163ab6b30232022-01-11 12:18:47.087root 11241100x80000000000000003907254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21d11e8469cf8f052022-01-11 12:18:47.087root 11241100x80000000000000003907255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.895f8673da2720202022-01-11 12:18:47.087root 11241100x80000000000000003907256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b1f827df36ca7bd2022-01-11 12:18:47.087root 11241100x80000000000000003907257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96ad6c2ae0dfe8aa2022-01-11 12:18:47.087root 11241100x80000000000000003907258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df2c24ece89afea72022-01-11 12:18:47.090root 11241100x80000000000000003907259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bb293b415999be12022-01-11 12:18:47.090root 11241100x80000000000000003907260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3012fad6bb2ff1dd2022-01-11 12:18:47.090root 11241100x80000000000000003907261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b81fa04148f2aa972022-01-11 12:18:47.090root 11241100x80000000000000003907262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efa4859524ddd4b32022-01-11 12:18:47.090root 11241100x80000000000000003907263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc4a080339df298d2022-01-11 12:18:47.090root 11241100x80000000000000003907264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.925aef0bf71ca74d2022-01-11 12:18:47.090root 11241100x80000000000000003907265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb7f2196cb042e9d2022-01-11 12:18:47.091root 11241100x80000000000000003907266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80a7cd61c0abdd482022-01-11 12:18:47.091root 11241100x80000000000000003907267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8d2e70e9826c0972022-01-11 12:18:47.583root 11241100x80000000000000003907268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab109f1f15d34f1d2022-01-11 12:18:47.584root 11241100x80000000000000003907269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.866bfc5c11f804eb2022-01-11 12:18:47.584root 11241100x80000000000000003907270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dab52c494c0293592022-01-11 12:18:47.584root 11241100x80000000000000003907271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.896a90e1eab1245b2022-01-11 12:18:47.584root 11241100x80000000000000003907272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f215ee374341b8e52022-01-11 12:18:47.584root 11241100x80000000000000003907273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1e6ac7ef5c404ec2022-01-11 12:18:47.585root 11241100x80000000000000003907274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.140974a1d6378de32022-01-11 12:18:47.585root 11241100x80000000000000003907275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7eb42f95ea0d1892022-01-11 12:18:47.585root 11241100x80000000000000003907276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00c1bb9d28c01daa2022-01-11 12:18:47.585root 11241100x80000000000000003907277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cf7b0b5a9b15ea12022-01-11 12:18:47.585root 11241100x80000000000000003907278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b524eda6b5d72b02022-01-11 12:18:47.585root 11241100x80000000000000003907279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ec749f6d48b2d492022-01-11 12:18:47.585root 11241100x80000000000000003907280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78c39553d83983772022-01-11 12:18:47.586root 11241100x80000000000000003907281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62752c833e092fdd2022-01-11 12:18:47.586root 11241100x80000000000000003907282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbc3291d89a5944e2022-01-11 12:18:47.586root 11241100x80000000000000003907283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2122ce5ed9a7171b2022-01-11 12:18:47.586root 11241100x80000000000000003907284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17995800c6f654a82022-01-11 12:18:47.586root 11241100x80000000000000003907285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da9f8c200706f0962022-01-11 12:18:47.586root 11241100x80000000000000003907286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bed1be9a0c8d07182022-01-11 12:18:47.586root 11241100x80000000000000003907287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69ef44116bb139292022-01-11 12:18:47.586root 11241100x80000000000000003907288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65350a451bef79cf2022-01-11 12:18:47.586root 11241100x80000000000000003907289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6527182be45eab82022-01-11 12:18:47.586root 11241100x80000000000000003907290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd851b7075d423ec2022-01-11 12:18:47.586root 11241100x80000000000000003907291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.591cb88fe0f2e09d2022-01-11 12:18:47.586root 11241100x80000000000000003907292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57207401a73b1df62022-01-11 12:18:47.586root 11241100x80000000000000003907293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2e1679d6e32a9d72022-01-11 12:18:47.587root 11241100x80000000000000003907294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ca26a602652054d2022-01-11 12:18:47.587root 11241100x80000000000000003907295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc1a328fa1dd0a5b2022-01-11 12:18:47.587root 11241100x80000000000000003907296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9836f479c0172a462022-01-11 12:18:47.587root 11241100x80000000000000003907297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.618bed22941d5e8b2022-01-11 12:18:47.587root 11241100x80000000000000003907298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fdcb4a20754852f2022-01-11 12:18:47.587root 11241100x80000000000000003907299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.149edb503cfa1d0e2022-01-11 12:18:47.587root 11241100x80000000000000003907300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9775906e2ebed9fd2022-01-11 12:18:47.587root 11241100x80000000000000003907301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5aa21cdc6d2c0262022-01-11 12:18:47.587root 11241100x80000000000000003907302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1579a9e2705c78a52022-01-11 12:18:47.587root 11241100x80000000000000003907303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f4f305b92e0d3d12022-01-11 12:18:48.083root 11241100x80000000000000003907304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c204859d51339412022-01-11 12:18:48.083root 11241100x80000000000000003907305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3c096aece8d60662022-01-11 12:18:48.083root 11241100x80000000000000003907306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3df7ccead58d36c12022-01-11 12:18:48.083root 11241100x80000000000000003907307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8220856ac68c1dcf2022-01-11 12:18:48.084root 11241100x80000000000000003907308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06d7d604eb4da2ad2022-01-11 12:18:48.084root 11241100x80000000000000003907309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10bbd746096a06bd2022-01-11 12:18:48.084root 11241100x80000000000000003907310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb7cd591e219dc842022-01-11 12:18:48.084root 11241100x80000000000000003907311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.492cdbc11b12db152022-01-11 12:18:48.084root 11241100x80000000000000003907312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db0c569ef670ae962022-01-11 12:18:48.084root 11241100x80000000000000003907313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5968432f3e8d78112022-01-11 12:18:48.084root 11241100x80000000000000003907314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a99a34007ed6e212022-01-11 12:18:48.084root 11241100x80000000000000003907315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecfe98ab5e4765212022-01-11 12:18:48.084root 11241100x80000000000000003907316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbf367c4f4afbcf62022-01-11 12:18:48.085root 11241100x80000000000000003907317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3421d39c9560adc2022-01-11 12:18:48.085root 11241100x80000000000000003907318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89e46fb2752a67982022-01-11 12:18:48.085root 11241100x80000000000000003907319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a276c30dca8238bf2022-01-11 12:18:48.085root 11241100x80000000000000003907320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba0548716a5d89842022-01-11 12:18:48.086root 11241100x80000000000000003907321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eeabe72ea13dea1c2022-01-11 12:18:48.086root 11241100x80000000000000003907322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.843cb27af9b7b1f72022-01-11 12:18:48.086root 11241100x80000000000000003907323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d4596b0d7794b622022-01-11 12:18:48.086root 11241100x80000000000000003907324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f54388b2435af0f22022-01-11 12:18:48.086root 11241100x80000000000000003907325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23e44f108d21c25e2022-01-11 12:18:48.086root 11241100x80000000000000003907326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cec4acf1c8af32a2022-01-11 12:18:48.087root 11241100x80000000000000003907327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65121ea9e51ed2c92022-01-11 12:18:48.087root 11241100x80000000000000003907328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf74c0631ed50dc12022-01-11 12:18:48.087root 11241100x80000000000000003907329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21748f8854a976872022-01-11 12:18:48.087root 11241100x80000000000000003907330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d8c2e6ac2b33eae2022-01-11 12:18:48.087root 11241100x80000000000000003907331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f46a0b34aa7922ee2022-01-11 12:18:48.087root 11241100x80000000000000003907332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdb97a2e3a64d05b2022-01-11 12:18:48.088root 11241100x80000000000000003907333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a170a107cdda62a2022-01-11 12:18:48.088root 11241100x80000000000000003907334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f14bd40b58a3927e2022-01-11 12:18:48.088root 354300x80000000000000003907335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.105{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkdroottcpfalsefalse23.91.96.133-31638-false10.0.1.25-8089- 11241100x80000000000000003907336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80d92e2c412c62d62022-01-11 12:18:48.583root 11241100x80000000000000003907337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51fa33eb951d03122022-01-11 12:18:48.583root 11241100x80000000000000003907338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d187c37dbb339d752022-01-11 12:18:48.584root 11241100x80000000000000003907339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.342c940eb0e3dc632022-01-11 12:18:48.584root 11241100x80000000000000003907340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7cb336416c96e132022-01-11 12:18:48.584root 11241100x80000000000000003907341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87561779a033564f2022-01-11 12:18:48.584root 11241100x80000000000000003907342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0884d00f5364ee352022-01-11 12:18:48.584root 11241100x80000000000000003907343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f24f965be2ceddea2022-01-11 12:18:48.584root 11241100x80000000000000003907344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a20a0f492c60fa932022-01-11 12:18:48.584root 11241100x80000000000000003907345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f212d00b477443ab2022-01-11 12:18:48.584root 11241100x80000000000000003907346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcda0d4f3fe6ba4a2022-01-11 12:18:48.584root 11241100x80000000000000003907347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48402cff252060a12022-01-11 12:18:48.584root 11241100x80000000000000003907348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf8dc588c45f9c272022-01-11 12:18:48.585root 11241100x80000000000000003907349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88083b866329dc672022-01-11 12:18:48.585root 11241100x80000000000000003907350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3168a73f06cbf8112022-01-11 12:18:48.585root 11241100x80000000000000003907351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da836197af7bda7a2022-01-11 12:18:48.585root 11241100x80000000000000003907352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce60292f65c15fff2022-01-11 12:18:48.585root 11241100x80000000000000003907353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6062a8e59b7246372022-01-11 12:18:48.585root 11241100x80000000000000003907354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f63b94e1b6e76fc32022-01-11 12:18:48.585root 11241100x80000000000000003907355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46063f6af988b52f2022-01-11 12:18:48.585root 11241100x80000000000000003907356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36e772b4a7e9460b2022-01-11 12:18:48.585root 11241100x80000000000000003907357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.984989ef14c33c0b2022-01-11 12:18:48.585root 11241100x80000000000000003907358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04d92ac77d31f7062022-01-11 12:18:48.585root 11241100x80000000000000003907359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18a2574b6c2b24fa2022-01-11 12:18:48.585root 11241100x80000000000000003907360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2364113efecff802022-01-11 12:18:48.585root 11241100x80000000000000003907361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44de78dc0fdf24fd2022-01-11 12:18:48.585root 11241100x80000000000000003907362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eea8a70d587829ac2022-01-11 12:18:48.585root 11241100x80000000000000003907363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f741d241beff9fd2022-01-11 12:18:48.585root 11241100x80000000000000003907364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d40296b496243edb2022-01-11 12:18:48.586root 11241100x80000000000000003907365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aefe2d0e67c259ca2022-01-11 12:18:48.586root 11241100x80000000000000003907366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6acfb50b05814ce12022-01-11 12:18:48.586root 11241100x80000000000000003907367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff5de326d72ba5012022-01-11 12:18:48.586root 11241100x80000000000000003907368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93997c21ebafb8f02022-01-11 12:18:48.586root 11241100x80000000000000003907369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1ce2def4ce1ab7a2022-01-11 12:18:48.586root 11241100x80000000000000003907370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ee11244d1b9bb532022-01-11 12:18:48.586root 11241100x80000000000000003907371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3071a469329807ab2022-01-11 12:18:48.586root 11241100x80000000000000003907372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a849d7185abccd362022-01-11 12:18:48.586root 11241100x80000000000000003907373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40c975a4adfb9b522022-01-11 12:18:48.586root 11241100x80000000000000003907374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4e213c0df9d4dcd2022-01-11 12:18:48.586root 11241100x80000000000000003907375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19b194a1d3b1d9492022-01-11 12:18:48.586root 11241100x80000000000000003907376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7465381a96ffe0e2022-01-11 12:18:48.586root 11241100x80000000000000003907377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff4bca0aba79d5ea2022-01-11 12:18:48.586root 11241100x80000000000000003907378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49551d5df4ba346e2022-01-11 12:18:48.586root 11241100x80000000000000003907379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32495c63f6b62f6c2022-01-11 12:18:48.586root 11241100x80000000000000003907380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8ee43cdd6c735e22022-01-11 12:18:48.587root 11241100x80000000000000003907381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd2c10bf2faece6f2022-01-11 12:18:49.083root 11241100x80000000000000003907382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7de60378b25ba68d2022-01-11 12:18:49.083root 11241100x80000000000000003907383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8baca49a6e07844e2022-01-11 12:18:49.083root 11241100x80000000000000003907384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1456b216f13d30f52022-01-11 12:18:49.083root 11241100x80000000000000003907385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe29cc9c7cf3bf602022-01-11 12:18:49.084root 11241100x80000000000000003907386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac3d56bd32ee9b822022-01-11 12:18:49.084root 11241100x80000000000000003907387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.985e8b7391071a5e2022-01-11 12:18:49.084root 11241100x80000000000000003907388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03f388674aa2f7c72022-01-11 12:18:49.084root 11241100x80000000000000003907389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bf728d0cef5fda02022-01-11 12:18:49.084root 11241100x80000000000000003907390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b4277baa27b4aa72022-01-11 12:18:49.084root 11241100x80000000000000003907391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c011f1c3ddf5bcd2022-01-11 12:18:49.084root 11241100x80000000000000003907392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c1b4e122b8526c92022-01-11 12:18:49.084root 11241100x80000000000000003907393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d30425b0bb733212022-01-11 12:18:49.084root 11241100x80000000000000003907394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1e88351dc05519e2022-01-11 12:18:49.084root 11241100x80000000000000003907395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ef584aa34010eec2022-01-11 12:18:49.085root 11241100x80000000000000003907396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.344c67bb64b87b0f2022-01-11 12:18:49.085root 11241100x80000000000000003907397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bdb636b3eec7ce42022-01-11 12:18:49.085root 11241100x80000000000000003907398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab0ff82bd6e0fb332022-01-11 12:18:49.085root 11241100x80000000000000003907399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef01375a0dd9e6bc2022-01-11 12:18:49.085root 11241100x80000000000000003907400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b3d002545add4e42022-01-11 12:18:49.085root 11241100x80000000000000003907401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33d43306e9006c692022-01-11 12:18:49.085root 11241100x80000000000000003907402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cf8963b61ee195a2022-01-11 12:18:49.085root 11241100x80000000000000003907403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.134359b78f7cefc22022-01-11 12:18:49.085root 11241100x80000000000000003907404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cb7eeee42bed4042022-01-11 12:18:49.085root 11241100x80000000000000003907405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e6ecb58dda47ace2022-01-11 12:18:49.085root 11241100x80000000000000003907406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a55a1272fa31eda42022-01-11 12:18:49.086root 11241100x80000000000000003907407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a61b90ee1be77ca2022-01-11 12:18:49.086root 11241100x80000000000000003907408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.574f851aafc151a02022-01-11 12:18:49.086root 11241100x80000000000000003907409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bdaea71f851780b2022-01-11 12:18:49.086root 11241100x80000000000000003907410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442de8593708b73e2022-01-11 12:18:49.086root 11241100x80000000000000003907411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67092dd4eb66d8362022-01-11 12:18:49.086root 11241100x80000000000000003907412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76477591d42c75002022-01-11 12:18:49.086root 11241100x80000000000000003907413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e09ede83a7a69d02022-01-11 12:18:49.086root 11241100x80000000000000003907414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa8f8434830a947c2022-01-11 12:18:49.086root 11241100x80000000000000003907415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd281f954343c56e2022-01-11 12:18:49.086root 11241100x80000000000000003907416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b7f7f0c42b92ed72022-01-11 12:18:49.086root 11241100x80000000000000003907417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35036bb16f3cccf32022-01-11 12:18:49.086root 11241100x80000000000000003907418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18abbfe0a32ee0b92022-01-11 12:18:49.086root 354300x80000000000000003907419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.351{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkdroottcpfalsefalse23.91.96.133-32510-false10.0.1.25-8089- 11241100x80000000000000003907420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.352{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ca2fb96605608522022-01-11 12:18:49.352root 11241100x80000000000000003907421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.352{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0853dd1f3afd04502022-01-11 12:18:49.352root 11241100x80000000000000003907422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.352{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8566777c80c0a8922022-01-11 12:18:49.352root 11241100x80000000000000003907423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.352{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6843f9d1cb5a29352022-01-11 12:18:49.352root 11241100x80000000000000003907424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.352{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f788d5fc223f9d7f2022-01-11 12:18:49.352root 11241100x80000000000000003907425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.352{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0af9878ce343c2c2022-01-11 12:18:49.352root 11241100x80000000000000003907426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.353{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68e9d26e2f18e7852022-01-11 12:18:49.353root 11241100x80000000000000003907427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.353{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2b24bc9eb516e792022-01-11 12:18:49.353root 11241100x80000000000000003907428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.353{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.171a9b69737c3e762022-01-11 12:18:49.353root 11241100x80000000000000003907429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.353{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba9488114d38d75e2022-01-11 12:18:49.353root 11241100x80000000000000003907430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.353{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c60a67bee278dc42022-01-11 12:18:49.353root 11241100x80000000000000003907431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.353{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f25a80ae68afc2af2022-01-11 12:18:49.353root 11241100x80000000000000003907432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.353{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.688dbe8b6e6c28082022-01-11 12:18:49.353root 11241100x80000000000000003907433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76d4521975c79f812022-01-11 12:18:49.354root 11241100x80000000000000003907434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e8a4cd186de88be2022-01-11 12:18:49.354root 11241100x80000000000000003907435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd19400d4f0cd1762022-01-11 12:18:49.354root 11241100x80000000000000003907436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bae029235375870f2022-01-11 12:18:49.354root 11241100x80000000000000003907437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.470d9f383e1688b02022-01-11 12:18:49.354root 11241100x80000000000000003907438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7571d311215f641e2022-01-11 12:18:49.354root 11241100x80000000000000003907439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3806acc8577ae2492022-01-11 12:18:49.354root 11241100x80000000000000003907440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.472723bd7716e4802022-01-11 12:18:49.354root 11241100x80000000000000003907441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b9f13979ef99e2c2022-01-11 12:18:49.355root 11241100x80000000000000003907442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bbd62638afa118b2022-01-11 12:18:49.355root 11241100x80000000000000003907443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95727df9c60d749a2022-01-11 12:18:49.355root 11241100x80000000000000003907444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c8876f8ef8a919b2022-01-11 12:18:49.355root 11241100x80000000000000003907445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92e0baf3ed3fb2a02022-01-11 12:18:49.355root 11241100x80000000000000003907446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caf19baedee758a92022-01-11 12:18:49.355root 11241100x80000000000000003907447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.237e63e521f723ed2022-01-11 12:18:49.355root 11241100x80000000000000003907448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57ef408c22dfd3be2022-01-11 12:18:49.355root 11241100x80000000000000003907449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69a25fc60068c12a2022-01-11 12:18:49.355root 11241100x80000000000000003907450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86dfdc0a331674ce2022-01-11 12:18:49.355root 11241100x80000000000000003907451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.356{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc681c9d959fb3d42022-01-11 12:18:49.356root 11241100x80000000000000003907452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.358{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.913a09e19337986a2022-01-11 12:18:49.358root 11241100x80000000000000003907453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.358{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.874682fd5d8848492022-01-11 12:18:49.358root 11241100x80000000000000003907454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90ff9c1f95a9d4572022-01-11 12:18:49.359root 11241100x80000000000000003907455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.025da13cb3a4d0d22022-01-11 12:18:49.359root 11241100x80000000000000003907456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1ee6f82b6e813ab2022-01-11 12:18:49.359root 11241100x80000000000000003907457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d0e767b1e9c2bbd2022-01-11 12:18:49.359root 11241100x80000000000000003907458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d82396b52041137f2022-01-11 12:18:49.359root 11241100x80000000000000003907459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b97233ef81e8efa2022-01-11 12:18:49.359root 11241100x80000000000000003907460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22f94c7b09a3540a2022-01-11 12:18:49.359root 11241100x80000000000000003907461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d17e81e1569e31642022-01-11 12:18:49.359root 11241100x80000000000000003907462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.360{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac8bb77ae953bcff2022-01-11 12:18:49.360root 11241100x80000000000000003907463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34ffe27aff8c47a62022-01-11 12:18:49.834root 11241100x80000000000000003907464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99d113feb49928652022-01-11 12:18:49.834root 11241100x80000000000000003907465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdaa2e5237e0ca7e2022-01-11 12:18:49.835root 11241100x80000000000000003907466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.022199d33a5c41582022-01-11 12:18:49.835root 11241100x80000000000000003907467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7330d0169dff03c2022-01-11 12:18:49.835root 11241100x80000000000000003907468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae29b41004582c5f2022-01-11 12:18:49.835root 11241100x80000000000000003907469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2504c2f0ae189cb82022-01-11 12:18:49.835root 11241100x80000000000000003907470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d54df14847c622572022-01-11 12:18:49.835root 11241100x80000000000000003907471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00773273739ad3602022-01-11 12:18:49.835root 11241100x80000000000000003907472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc353e9ac49cb48f2022-01-11 12:18:49.836root 11241100x80000000000000003907473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be827cae30a90ecc2022-01-11 12:18:49.836root 11241100x80000000000000003907474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41e264129a35f1552022-01-11 12:18:49.836root 11241100x80000000000000003907475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e45ab5bc90822dfc2022-01-11 12:18:49.836root 11241100x80000000000000003907476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c71407c5987b882f2022-01-11 12:18:49.836root 11241100x80000000000000003907477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7799ce652836ce142022-01-11 12:18:49.836root 11241100x80000000000000003907478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b68bf278711841a72022-01-11 12:18:49.836root 11241100x80000000000000003907479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ebbc4de628a55a92022-01-11 12:18:49.836root 11241100x80000000000000003907480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.170b415e109201ca2022-01-11 12:18:49.837root 11241100x80000000000000003907481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d2b33ad3931a11b2022-01-11 12:18:49.837root 11241100x80000000000000003907482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7dfa15892676c8a2022-01-11 12:18:49.837root 11241100x80000000000000003907483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.491bde8b46995fb02022-01-11 12:18:49.837root 11241100x80000000000000003907484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6027348a59bdcbf2022-01-11 12:18:49.837root 11241100x80000000000000003907485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.882ea3b40ad2dd512022-01-11 12:18:49.837root 11241100x80000000000000003907486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69cbf8f391dd70092022-01-11 12:18:49.837root 11241100x80000000000000003907487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6327c18c3c4235d42022-01-11 12:18:49.837root 11241100x80000000000000003907488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ade0fb54cb6f2bb2022-01-11 12:18:49.837root 11241100x80000000000000003907489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a73b266ad8b676812022-01-11 12:18:49.838root 11241100x80000000000000003907490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80d1b1c9dde27ccb2022-01-11 12:18:49.838root 11241100x80000000000000003907491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2831e73393b14f862022-01-11 12:18:49.838root 11241100x80000000000000003907492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d685592e82942782022-01-11 12:18:49.838root 11241100x80000000000000003907493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77b4cc94f40a83022022-01-11 12:18:49.838root 11241100x80000000000000003907494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caf9eae3f40c5ba22022-01-11 12:18:49.838root 11241100x80000000000000003907495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c4c09c4e4e4100b2022-01-11 12:18:49.838root 11241100x80000000000000003907496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6163f61bc900c2b12022-01-11 12:18:49.838root 11241100x80000000000000003907497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fac441f3e56ba3392022-01-11 12:18:49.838root 11241100x80000000000000003907498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4fc46c593e6942d2022-01-11 12:18:49.838root 11241100x80000000000000003907499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e641f685d2bb269a2022-01-11 12:18:49.838root 11241100x80000000000000003907500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d2e0dc59086da9a2022-01-11 12:18:49.838root 11241100x80000000000000003907501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0e7f101f876fa6c2022-01-11 12:18:49.839root 11241100x80000000000000003907502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.942bd8ec285e99192022-01-11 12:18:49.839root 11241100x80000000000000003907503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddc51bfc82746bf92022-01-11 12:18:49.839root 11241100x80000000000000003907504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ede35d49b0116b12022-01-11 12:18:50.333root 11241100x80000000000000003907505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.723b099007b1148a2022-01-11 12:18:50.333root 11241100x80000000000000003907506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dd5b38e1bf2c91f2022-01-11 12:18:50.334root 11241100x80000000000000003907507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b7e2503af5acb692022-01-11 12:18:50.334root 11241100x80000000000000003907508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4afc9d4f1ac69bbf2022-01-11 12:18:50.334root 11241100x80000000000000003907509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.078a39d7fd240c2e2022-01-11 12:18:50.334root 11241100x80000000000000003907510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7113c1446ee91b72022-01-11 12:18:50.334root 11241100x80000000000000003907511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1437e46bd4d2bdd2022-01-11 12:18:50.334root 11241100x80000000000000003907512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b829a5c0514c0eca2022-01-11 12:18:50.334root 11241100x80000000000000003907513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fed8c1e1338da302022-01-11 12:18:50.334root 11241100x80000000000000003907514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21dedb82eb28d13b2022-01-11 12:18:50.334root 11241100x80000000000000003907515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5652fb018074e802022-01-11 12:18:50.335root 11241100x80000000000000003907516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a5e06edd8dbaa1d2022-01-11 12:18:50.335root 11241100x80000000000000003907517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ed072a1951b46562022-01-11 12:18:50.335root 11241100x80000000000000003907518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.925e908f518808c42022-01-11 12:18:50.335root 11241100x80000000000000003907519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d00c700fa094d8942022-01-11 12:18:50.335root 11241100x80000000000000003907520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b8b49a38306910c2022-01-11 12:18:50.335root 11241100x80000000000000003907521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3498006b9783f2882022-01-11 12:18:50.335root 11241100x80000000000000003907522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e4a330f15c67a4e2022-01-11 12:18:50.335root 11241100x80000000000000003907523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a95c85983aa332d2022-01-11 12:18:50.336root 11241100x80000000000000003907524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04655deb05347f4c2022-01-11 12:18:50.336root 11241100x80000000000000003907525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e35ace1e00aa2d132022-01-11 12:18:50.336root 11241100x80000000000000003907526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f0d3eda878fe3b02022-01-11 12:18:50.336root 11241100x80000000000000003907527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.208360a1df3918bb2022-01-11 12:18:50.336root 11241100x80000000000000003907528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6eaa8ee4ff434d22022-01-11 12:18:50.336root 11241100x80000000000000003907529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21be1afcaf0a9f3c2022-01-11 12:18:50.336root 11241100x80000000000000003907530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d69760117aac9d32022-01-11 12:18:50.336root 11241100x80000000000000003907531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fc0b6a3077f16732022-01-11 12:18:50.336root 11241100x80000000000000003907532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0354f3c0c164a37f2022-01-11 12:18:50.336root 11241100x80000000000000003907533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bc4ee7d387b7a732022-01-11 12:18:50.336root 11241100x80000000000000003907534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7270bc1cdf0a72b42022-01-11 12:18:50.336root 11241100x80000000000000003907535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31c8ddee5f9feb2a2022-01-11 12:18:50.336root 11241100x80000000000000003907536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.884ba7a303be72242022-01-11 12:18:50.336root 11241100x80000000000000003907537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32af09c1c5767a0c2022-01-11 12:18:50.336root 11241100x80000000000000003907538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7f9a1f17568a6172022-01-11 12:18:50.337root 11241100x80000000000000003907539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f46864fb81478df42022-01-11 12:18:50.337root 11241100x80000000000000003907540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b1a7b28e48243e62022-01-11 12:18:50.833root 11241100x80000000000000003907541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35e7a4c12e0099972022-01-11 12:18:50.834root 11241100x80000000000000003907542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b50ab6723b210872022-01-11 12:18:50.834root 11241100x80000000000000003907543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7df1bc96bc805b4d2022-01-11 12:18:50.834root 11241100x80000000000000003907544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d826e69c4a6557802022-01-11 12:18:50.834root 11241100x80000000000000003907545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.188148cd4394001e2022-01-11 12:18:50.834root 11241100x80000000000000003907546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf5e7dd96688f69a2022-01-11 12:18:50.834root 11241100x80000000000000003907547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.028215e793a95d512022-01-11 12:18:50.834root 11241100x80000000000000003907548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2de9a68bc6c6cef2022-01-11 12:18:50.834root 11241100x80000000000000003907549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d03344cedc93f4c2022-01-11 12:18:50.834root 11241100x80000000000000003907550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e21898ce2d5230ee2022-01-11 12:18:50.834root 11241100x80000000000000003907551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.166cf1c1ed4bfda02022-01-11 12:18:50.834root 11241100x80000000000000003907552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f75d007393ccfec12022-01-11 12:18:50.835root 11241100x80000000000000003907553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.448feb306cb68c282022-01-11 12:18:50.835root 11241100x80000000000000003907554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.690bc09d6e07eb0b2022-01-11 12:18:50.835root 11241100x80000000000000003907555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b04746f985142c52022-01-11 12:18:50.835root 11241100x80000000000000003907556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03b7a738161d152d2022-01-11 12:18:50.835root 11241100x80000000000000003907557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cd4c377817609fa2022-01-11 12:18:50.836root 11241100x80000000000000003907558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36a0cc8fa49153ca2022-01-11 12:18:50.836root 11241100x80000000000000003907559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf57567dd58054f02022-01-11 12:18:50.836root 11241100x80000000000000003907560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b390f7b217ef58c2022-01-11 12:18:50.836root 11241100x80000000000000003907561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2d7e3a5a192fbeb2022-01-11 12:18:50.836root 11241100x80000000000000003907562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3bceaa9dc1055572022-01-11 12:18:50.836root 11241100x80000000000000003907563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a053f166b26575ff2022-01-11 12:18:50.836root 11241100x80000000000000003907564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19f60147dd425b392022-01-11 12:18:50.836root 11241100x80000000000000003907565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a85f5f61b226c2152022-01-11 12:18:50.836root 11241100x80000000000000003907566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6738ee1954f76992022-01-11 12:18:50.836root 11241100x80000000000000003907567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a6e1c00933937362022-01-11 12:18:50.837root 11241100x80000000000000003907568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9091fc9ec52017ca2022-01-11 12:18:50.837root 11241100x80000000000000003907569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.352f5b72574a97c22022-01-11 12:18:50.837root 11241100x80000000000000003907570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7eea314cc55e539d2022-01-11 12:18:50.837root 11241100x80000000000000003907571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f446a69e6a0a3a72022-01-11 12:18:50.837root 11241100x80000000000000003907572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1ddc19bf0e027f42022-01-11 12:18:50.837root 11241100x80000000000000003907573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d528956b181d5ef92022-01-11 12:18:50.837root 11241100x80000000000000003907574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cce07a1dfad1bdc2022-01-11 12:18:50.837root 11241100x80000000000000003907575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.386eebd574f6a1362022-01-11 12:18:50.837root 11241100x80000000000000003907576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67c2e1a17376d8482022-01-11 12:18:50.837root 354300x80000000000000003907577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.148{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56256-false10.0.1.12-8000- 11241100x80000000000000003907578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.149{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9484667c52347172022-01-11 12:18:51.149root 11241100x80000000000000003907579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.149{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf9a159cda22ea912022-01-11 12:18:51.149root 11241100x80000000000000003907580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.150{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fc2b4e74a6a2b2a2022-01-11 12:18:51.150root 11241100x80000000000000003907581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.150{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83a35a80badbd8ab2022-01-11 12:18:51.150root 11241100x80000000000000003907582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.150{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.051bb55d4b744c672022-01-11 12:18:51.150root 11241100x80000000000000003907583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.150{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce83dbe8c593b3002022-01-11 12:18:51.150root 11241100x80000000000000003907584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.150{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62e69ed52b7ae1c02022-01-11 12:18:51.150root 11241100x80000000000000003907585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.151{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b321915dedaef2032022-01-11 12:18:51.151root 11241100x80000000000000003907586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.151{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcbb12cf19922f462022-01-11 12:18:51.151root 11241100x80000000000000003907587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.151{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09b0adcb692a8dc62022-01-11 12:18:51.151root 11241100x80000000000000003907588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.151{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf8b485432474c752022-01-11 12:18:51.151root 11241100x80000000000000003907589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.152{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8222bbc49d75a22e2022-01-11 12:18:51.152root 11241100x80000000000000003907590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.152{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33c231e9d96af7f12022-01-11 12:18:51.152root 11241100x80000000000000003907591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.152{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fb33d169ca017692022-01-11 12:18:51.152root 11241100x80000000000000003907592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.152{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fa1751236c9d0b12022-01-11 12:18:51.152root 11241100x80000000000000003907593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.153{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7e64f4b5f14a80b2022-01-11 12:18:51.153root 11241100x80000000000000003907594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.153{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.874e6a71471e25652022-01-11 12:18:51.153root 11241100x80000000000000003907595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.153{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f9a9c21d7f581a82022-01-11 12:18:51.153root 11241100x80000000000000003907596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.154{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b92e103fc3c2c4fb2022-01-11 12:18:51.154root 11241100x80000000000000003907597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.154{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34795c6f0ba84b832022-01-11 12:18:51.154root 11241100x80000000000000003907598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.154{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51cf7a43a3743caf2022-01-11 12:18:51.154root 11241100x80000000000000003907599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.154{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9a3ddc68915ef9b2022-01-11 12:18:51.154root 11241100x80000000000000003907600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.154{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af098cee68b6e3302022-01-11 12:18:51.154root 11241100x80000000000000003907601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.154{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ba6731df53e8aa62022-01-11 12:18:51.154root 11241100x80000000000000003907602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae934840128490d72022-01-11 12:18:51.155root 11241100x80000000000000003907603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f405f89cfed951dc2022-01-11 12:18:51.155root 11241100x80000000000000003907604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfc8ba743fff62132022-01-11 12:18:51.155root 11241100x80000000000000003907605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.480928dfeb9b7ffb2022-01-11 12:18:51.155root 11241100x80000000000000003907606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90d092ead68d73d52022-01-11 12:18:51.155root 11241100x80000000000000003907607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c578287869198b212022-01-11 12:18:51.155root 11241100x80000000000000003907608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd258d44f760fcc52022-01-11 12:18:51.155root 11241100x80000000000000003907609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ccd9991511f771c2022-01-11 12:18:51.155root 11241100x80000000000000003907610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6ae64428ed94db82022-01-11 12:18:51.156root 11241100x80000000000000003907611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77ea83b74db1258d2022-01-11 12:18:51.156root 11241100x80000000000000003907612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34c260189a7ed6a72022-01-11 12:18:51.156root 11241100x80000000000000003907613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17f4205869ebdefc2022-01-11 12:18:51.156root 11241100x80000000000000003907614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eec192416bf5e1602022-01-11 12:18:51.156root 11241100x80000000000000003907615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.585006452e0d08a02022-01-11 12:18:51.156root 11241100x80000000000000003907616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.157{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e12a3fdee4d410af2022-01-11 12:18:51.157root 11241100x80000000000000003907617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.157{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7bd61275bb33b872022-01-11 12:18:51.157root 11241100x80000000000000003907618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.157{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db1e79d2e731d57c2022-01-11 12:18:51.157root 11241100x80000000000000003907619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.157{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8520050984c5a3ab2022-01-11 12:18:51.157root 11241100x80000000000000003907620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.157{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25f7f983ebd25a652022-01-11 12:18:51.157root 11241100x80000000000000003907621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.157{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b1b00a84fb3f8f22022-01-11 12:18:51.157root 11241100x80000000000000003907622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40c7858f4e8ad9e52022-01-11 12:18:51.583root 11241100x80000000000000003907623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2cbd38f7166671d2022-01-11 12:18:51.583root 11241100x80000000000000003907624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.809c4405311668362022-01-11 12:18:51.583root 11241100x80000000000000003907625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8724a9de84da64a2022-01-11 12:18:51.583root 11241100x80000000000000003907626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.914f761b675985602022-01-11 12:18:51.583root 11241100x80000000000000003907627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55088d7bb1518b3d2022-01-11 12:18:51.584root 11241100x80000000000000003907628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48fcc037f571666e2022-01-11 12:18:51.584root 11241100x80000000000000003907629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33149c9310b37a7b2022-01-11 12:18:51.584root 11241100x80000000000000003907630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de7be8882b95b5112022-01-11 12:18:51.584root 11241100x80000000000000003907631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d09b4c27320303d2022-01-11 12:18:51.584root 11241100x80000000000000003907632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0601fbc4680a77f2022-01-11 12:18:51.584root 11241100x80000000000000003907633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a0ab03ed3a5fbaf2022-01-11 12:18:51.584root 11241100x80000000000000003907634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75ca25c0be3810312022-01-11 12:18:51.584root 11241100x80000000000000003907635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1583d03e4cd2d4752022-01-11 12:18:51.585root 11241100x80000000000000003907636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5815dcd0a7f86d22022-01-11 12:18:51.585root 11241100x80000000000000003907637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73ca1ea78e38029e2022-01-11 12:18:51.585root 11241100x80000000000000003907638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c6d0728b32ac8be2022-01-11 12:18:51.585root 11241100x80000000000000003907639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74bf83c21098cff12022-01-11 12:18:51.585root 11241100x80000000000000003907640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7021fe1372fda292022-01-11 12:18:51.585root 11241100x80000000000000003907641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3edbeae3fc7af83e2022-01-11 12:18:51.586root 11241100x80000000000000003907642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19780d073bbd59f32022-01-11 12:18:51.586root 11241100x80000000000000003907643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.976bd3cf376528ab2022-01-11 12:18:51.586root 11241100x80000000000000003907644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2432cb8715cc764f2022-01-11 12:18:51.586root 11241100x80000000000000003907645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a631e563cdcfc422022-01-11 12:18:51.586root 11241100x80000000000000003907646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6a1e4c51be8dd882022-01-11 12:18:51.586root 11241100x80000000000000003907647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd00d3624b3d205c2022-01-11 12:18:51.586root 11241100x80000000000000003907648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.706d046aa9b23b4f2022-01-11 12:18:51.587root 11241100x80000000000000003907649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.300c3066748ba00d2022-01-11 12:18:51.587root 11241100x80000000000000003907650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8595e82da2cc4fd82022-01-11 12:18:51.587root 11241100x80000000000000003907651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.934b4fcfeb56036d2022-01-11 12:18:51.587root 11241100x80000000000000003907652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7cae15cee86f5de2022-01-11 12:18:51.587root 11241100x80000000000000003907653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1ce6ec4fd64f6582022-01-11 12:18:51.587root 11241100x80000000000000003907654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a0907159b9871da2022-01-11 12:18:51.588root 11241100x80000000000000003907655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f003d14366216ed82022-01-11 12:18:51.588root 11241100x80000000000000003907656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bfa247a709c5abf2022-01-11 12:18:51.588root 11241100x80000000000000003907657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5878b724b67e9b52022-01-11 12:18:52.083root 11241100x80000000000000003907658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d1cc9ba213a52bd2022-01-11 12:18:52.083root 11241100x80000000000000003907659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eea9c7d57d3ac78f2022-01-11 12:18:52.083root 11241100x80000000000000003907660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82ac3237d663c49d2022-01-11 12:18:52.084root 11241100x80000000000000003907661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff5a54e8d1646d162022-01-11 12:18:52.084root 11241100x80000000000000003907662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.063c84d2663cc2ac2022-01-11 12:18:52.084root 11241100x80000000000000003907663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea6c6baf002b95762022-01-11 12:18:52.084root 11241100x80000000000000003907664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93665e23fc92db322022-01-11 12:18:52.084root 11241100x80000000000000003907665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f501ad91522cbf42022-01-11 12:18:52.084root 11241100x80000000000000003907666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57101f83fe14f0752022-01-11 12:18:52.084root 11241100x80000000000000003907667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42dfde9dd77c64e52022-01-11 12:18:52.085root 11241100x80000000000000003907668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.105e9cbd401622202022-01-11 12:18:52.085root 11241100x80000000000000003907669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a59c3bb2ac050432022-01-11 12:18:52.085root 11241100x80000000000000003907670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6f0dfa8cc3072cb2022-01-11 12:18:52.085root 11241100x80000000000000003907671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84310bbe3f94cb3d2022-01-11 12:18:52.085root 11241100x80000000000000003907672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.081304433e3989002022-01-11 12:18:52.085root 11241100x80000000000000003907673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12e4cc7b76e6cbfe2022-01-11 12:18:52.085root 11241100x80000000000000003907674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8b559053e9cc0802022-01-11 12:18:52.085root 11241100x80000000000000003907675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6de6b36480b5e9f92022-01-11 12:18:52.085root 11241100x80000000000000003907676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a826890e9d4c6b812022-01-11 12:18:52.086root 11241100x80000000000000003907677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d50b6b6b26ca4ccb2022-01-11 12:18:52.086root 11241100x80000000000000003907678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ede2506d13cfc8f22022-01-11 12:18:52.086root 11241100x80000000000000003907679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.439895e76ab844cc2022-01-11 12:18:52.086root 11241100x80000000000000003907680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7de93111db5b38252022-01-11 12:18:52.086root 11241100x80000000000000003907681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f43236a2a2e7dcd2022-01-11 12:18:52.086root 11241100x80000000000000003907682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.903c762a0645b3c62022-01-11 12:18:52.086root 11241100x80000000000000003907683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c20a93046e7d118a2022-01-11 12:18:52.087root 11241100x80000000000000003907684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb3082a5cc84d1462022-01-11 12:18:52.087root 11241100x80000000000000003907685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9278af67fc530132022-01-11 12:18:52.087root 11241100x80000000000000003907686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.731dfe7638b39ce32022-01-11 12:18:52.087root 11241100x80000000000000003907687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0058394d8c413ce2022-01-11 12:18:52.087root 11241100x80000000000000003907688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13cbc0deaa1b87f82022-01-11 12:18:52.088root 11241100x80000000000000003907689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e56e9bd6ab8dbd92022-01-11 12:18:52.088root 11241100x80000000000000003907690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44f8dcab85e36e872022-01-11 12:18:52.088root 11241100x80000000000000003907691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6626392750f1c9f2022-01-11 12:18:52.088root 11241100x80000000000000003907692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b76bc4f62aaa9452022-01-11 12:18:52.088root 11241100x80000000000000003907693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.569b7838d6c1d5c02022-01-11 12:18:52.088root 11241100x80000000000000003907694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df8e0f9f489079bd2022-01-11 12:18:52.583root 11241100x80000000000000003907695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81c11a244771ed2f2022-01-11 12:18:52.583root 11241100x80000000000000003907696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.617f80439071638f2022-01-11 12:18:52.583root 11241100x80000000000000003907697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9312ab3ec9aa1302022-01-11 12:18:52.583root 11241100x80000000000000003907698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8110b97d94942da52022-01-11 12:18:52.584root 11241100x80000000000000003907699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.641d52ea7767d3cb2022-01-11 12:18:52.584root 11241100x80000000000000003907700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe97a612cdcb09b32022-01-11 12:18:52.584root 11241100x80000000000000003907701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08b79389d32ab1342022-01-11 12:18:52.584root 11241100x80000000000000003907702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19951b78ca1a6fe12022-01-11 12:18:52.584root 11241100x80000000000000003907703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1d50ff5452792562022-01-11 12:18:52.584root 11241100x80000000000000003907704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e80de2ed1aac6ab52022-01-11 12:18:52.585root 11241100x80000000000000003907705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ac2347d70f894ee2022-01-11 12:18:52.585root 11241100x80000000000000003907706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3f5fec5d9058f0b2022-01-11 12:18:52.585root 11241100x80000000000000003907707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9583a6ee05781cb2022-01-11 12:18:52.585root 11241100x80000000000000003907708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.535ca5cfd5f259902022-01-11 12:18:52.585root 11241100x80000000000000003907709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9a66105c4f6756d2022-01-11 12:18:52.585root 11241100x80000000000000003907710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41c7535258f68feb2022-01-11 12:18:52.585root 11241100x80000000000000003907711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6231bae143bfd81b2022-01-11 12:18:52.586root 11241100x80000000000000003907712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2154b5bc4ab77ef2022-01-11 12:18:52.586root 11241100x80000000000000003907713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcbda33c5a1048312022-01-11 12:18:52.586root 11241100x80000000000000003907714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49d05e5ae190dc2e2022-01-11 12:18:52.586root 11241100x80000000000000003907715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0e60060dd52e1ac2022-01-11 12:18:52.586root 11241100x80000000000000003907716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1265a6ecce9d56fa2022-01-11 12:18:52.586root 11241100x80000000000000003907717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5685d9777b9f6b332022-01-11 12:18:52.587root 11241100x80000000000000003907718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4edd40f8b4cc75522022-01-11 12:18:52.587root 11241100x80000000000000003907719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b75ff99ec11bc2b2022-01-11 12:18:52.587root 11241100x80000000000000003907720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eb80073f3c7054b2022-01-11 12:18:52.587root 11241100x80000000000000003907721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88aabc2c35bc89842022-01-11 12:18:52.587root 11241100x80000000000000003907722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff93319ad05dec3e2022-01-11 12:18:52.587root 11241100x80000000000000003907723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07d164ef9c21cb7a2022-01-11 12:18:52.587root 11241100x80000000000000003907724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed4aae7c3b82f4fd2022-01-11 12:18:52.588root 11241100x80000000000000003907725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.826db029fd3ede7f2022-01-11 12:18:52.588root 11241100x80000000000000003907726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39b69db9e15e5fce2022-01-11 12:18:52.588root 11241100x80000000000000003907727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.762f1859657d970c2022-01-11 12:18:52.588root 11241100x80000000000000003907728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63c79f7a837d11e42022-01-11 12:18:52.588root 11241100x80000000000000003907729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4d1e23b6835e5cf2022-01-11 12:18:52.588root 11241100x80000000000000003907730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26fd145fb9fffca32022-01-11 12:18:52.589root 11241100x80000000000000003907731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cc92054a61ead292022-01-11 12:18:52.589root 11241100x80000000000000003907732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fc32ff3ccae96a92022-01-11 12:18:52.589root 11241100x80000000000000003907733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2eebf5773ec8ea72022-01-11 12:18:52.589root 11241100x80000000000000003907734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cceb6bf57b2d6b22022-01-11 12:18:52.589root 11241100x80000000000000003907735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bb1696b9176f96c2022-01-11 12:18:52.589root 11241100x80000000000000003907736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69778c917ede6af02022-01-11 12:18:52.589root 11241100x80000000000000003907737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a775c4b5074b44bb2022-01-11 12:18:52.590root 11241100x80000000000000003907738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e353fce06483d712022-01-11 12:18:53.083root 11241100x80000000000000003907739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a092baf1c89143e2022-01-11 12:18:53.083root 11241100x80000000000000003907740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad835661358024092022-01-11 12:18:53.083root 11241100x80000000000000003907741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7008e829107bc1732022-01-11 12:18:53.083root 11241100x80000000000000003907742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09ed2a2cf10b54052022-01-11 12:18:53.084root 11241100x80000000000000003907743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16ffb70987b7e8ea2022-01-11 12:18:53.084root 11241100x80000000000000003907744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69f67b7335e7672d2022-01-11 12:18:53.084root 11241100x80000000000000003907745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8941e6b14b976fa2022-01-11 12:18:53.084root 11241100x80000000000000003907746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f91155a85995bb22022-01-11 12:18:53.084root 11241100x80000000000000003907747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf7c656b0131ebcd2022-01-11 12:18:53.084root 11241100x80000000000000003907748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c981fcdf8d981c422022-01-11 12:18:53.084root 11241100x80000000000000003907749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.488907eafffea9942022-01-11 12:18:53.084root 11241100x80000000000000003907750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4e1c846072c14b62022-01-11 12:18:53.084root 11241100x80000000000000003907751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68f75ff83f9db4532022-01-11 12:18:53.084root 11241100x80000000000000003907752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f28761989223e3592022-01-11 12:18:53.085root 11241100x80000000000000003907753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f76a83cb43fc5d532022-01-11 12:18:53.085root 11241100x80000000000000003907754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9da4302037195b32022-01-11 12:18:53.085root 11241100x80000000000000003907755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9357e117275381232022-01-11 12:18:53.085root 11241100x80000000000000003907756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44b46cde22632b392022-01-11 12:18:53.085root 11241100x80000000000000003907757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecaa12bb8b059b732022-01-11 12:18:53.085root 11241100x80000000000000003907758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6248fc08ca27d522022-01-11 12:18:53.085root 11241100x80000000000000003907759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cd04803ca5dcc142022-01-11 12:18:53.085root 11241100x80000000000000003907760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.376e26e66006552f2022-01-11 12:18:53.086root 11241100x80000000000000003907761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9630655323d352b2022-01-11 12:18:53.086root 11241100x80000000000000003907762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2804258ecef1c2402022-01-11 12:18:53.086root 11241100x80000000000000003907763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6e0c089ed9261bd2022-01-11 12:18:53.086root 11241100x80000000000000003907764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.884d263823dc7a682022-01-11 12:18:53.086root 11241100x80000000000000003907765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1cca1913b95a5882022-01-11 12:18:53.086root 11241100x80000000000000003907766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20a275c09c20f8372022-01-11 12:18:53.086root 11241100x80000000000000003907767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3e9dbf1c0af86592022-01-11 12:18:53.086root 11241100x80000000000000003907768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5646b586ad39162c2022-01-11 12:18:53.086root 11241100x80000000000000003907769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c88920756c46e262022-01-11 12:18:53.086root 11241100x80000000000000003907770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f500a3f4c18e9eca2022-01-11 12:18:53.086root 11241100x80000000000000003907771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf7bff61fb28fa752022-01-11 12:18:53.087root 11241100x80000000000000003907772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c202c9c55637b05b2022-01-11 12:18:53.087root 11241100x80000000000000003907773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4056abd5d294bc82022-01-11 12:18:53.087root 11241100x80000000000000003907774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9db03cdc1cfea142022-01-11 12:18:53.087root 11241100x80000000000000003907775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbbe2123a021fc6d2022-01-11 12:18:53.087root 11241100x80000000000000003907776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f99beb5e2631d0e72022-01-11 12:18:53.089root 11241100x80000000000000003907777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f51f5d8ddf57ba22022-01-11 12:18:53.090root 11241100x80000000000000003907778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a46ab750bb53f8082022-01-11 12:18:53.090root 11241100x80000000000000003907779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b94703e261e97602022-01-11 12:18:53.090root 11241100x80000000000000003907780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a968799347a1a7872022-01-11 12:18:53.090root 11241100x80000000000000003907781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecc9f713d34171c42022-01-11 12:18:53.090root 11241100x80000000000000003907782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be3ddc81acf436602022-01-11 12:18:53.090root 11241100x80000000000000003907783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bfa99bb6e7fd6b22022-01-11 12:18:53.090root 11241100x80000000000000003907784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ff1cf84e7c4dfa22022-01-11 12:18:53.090root 11241100x80000000000000003907785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02623a4c8f4b58cb2022-01-11 12:18:53.091root 11241100x80000000000000003907786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb64176e8b2d7c7c2022-01-11 12:18:53.091root 11241100x80000000000000003907787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f5fe07bdc554a772022-01-11 12:18:53.091root 11241100x80000000000000003907788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e733610974fb8dd52022-01-11 12:18:53.091root 11241100x80000000000000003907789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06cc71d4f826da9d2022-01-11 12:18:53.091root 11241100x80000000000000003907790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0f36e648471e5232022-01-11 12:18:53.091root 11241100x80000000000000003907791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d7f8adc4e6fd14b2022-01-11 12:18:53.091root 11241100x80000000000000003907792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccb4497a416c3a262022-01-11 12:18:53.091root 11241100x80000000000000003907793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7b9a8ca3a0a39f42022-01-11 12:18:53.091root 11241100x80000000000000003907794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74837e8dded1d15d2022-01-11 12:18:53.091root 11241100x80000000000000003907795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f3a671cf4a161292022-01-11 12:18:53.092root 11241100x80000000000000003907796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd23d8cb0f1064df2022-01-11 12:18:53.092root 11241100x80000000000000003907797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d5aecb45de7433e2022-01-11 12:18:53.092root 11241100x80000000000000003907798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d81a79da086dd5a2022-01-11 12:18:53.092root 11241100x80000000000000003907799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00144fea0476141f2022-01-11 12:18:53.092root 11241100x80000000000000003907800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c5cb44035c98b502022-01-11 12:18:53.092root 11241100x80000000000000003907801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3732dbaf6f6c0522022-01-11 12:18:53.583root 11241100x80000000000000003907802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84a09c50975e57de2022-01-11 12:18:53.583root 11241100x80000000000000003907803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c29b921926a861c2022-01-11 12:18:53.584root 11241100x80000000000000003907804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f36ba77250934a32022-01-11 12:18:53.584root 11241100x80000000000000003907805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ecfcbeee903996e2022-01-11 12:18:53.584root 11241100x80000000000000003907806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c1aa45c5d936bd82022-01-11 12:18:53.585root 11241100x80000000000000003907807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0b0b5e00e1890932022-01-11 12:18:53.585root 11241100x80000000000000003907808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c9cc3fd4b2e8d202022-01-11 12:18:53.585root 11241100x80000000000000003907809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a403423aafaa6ce42022-01-11 12:18:53.585root 11241100x80000000000000003907810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba55a354ba11bad32022-01-11 12:18:53.585root 11241100x80000000000000003907811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93be67cc4e25053f2022-01-11 12:18:53.585root 11241100x80000000000000003907812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83239d2b107779472022-01-11 12:18:53.585root 11241100x80000000000000003907813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.436ceb8dbd0ff2442022-01-11 12:18:53.585root 11241100x80000000000000003907814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ff5927ccec430542022-01-11 12:18:53.586root 11241100x80000000000000003907815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68fe6eeebfe3f6b12022-01-11 12:18:53.586root 11241100x80000000000000003907816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5733a89896203672022-01-11 12:18:53.586root 11241100x80000000000000003907817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55df3cd582e4087a2022-01-11 12:18:53.586root 11241100x80000000000000003907818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a971a6568a57acd32022-01-11 12:18:53.586root 11241100x80000000000000003907819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4160a45e2827aba2022-01-11 12:18:53.586root 11241100x80000000000000003907820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.858860f2a82962012022-01-11 12:18:53.586root 11241100x80000000000000003907821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.820fe3455da111ad2022-01-11 12:18:53.586root 11241100x80000000000000003907822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b9410c499340d6b2022-01-11 12:18:53.587root 11241100x80000000000000003907823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c019b4b23a91c352022-01-11 12:18:53.587root 11241100x80000000000000003907824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4455c61b3313ed32022-01-11 12:18:53.587root 11241100x80000000000000003907825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.049884b252b369302022-01-11 12:18:53.587root 11241100x80000000000000003907826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caadb17f1a575ca32022-01-11 12:18:53.587root 11241100x80000000000000003907827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4824576b1b2ec4632022-01-11 12:18:53.588root 11241100x80000000000000003907828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3ace28a162c451e2022-01-11 12:18:53.588root 11241100x80000000000000003907829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8a1c2ed2b99bc5e2022-01-11 12:18:53.588root 11241100x80000000000000003907830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b352ec7e6ee83852022-01-11 12:18:53.588root 11241100x80000000000000003907831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16bcd658fa38f7dd2022-01-11 12:18:53.589root 11241100x80000000000000003907832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20fdb34c3d6596282022-01-11 12:18:53.589root 11241100x80000000000000003907833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef68fcfacbe18d662022-01-11 12:18:53.589root 11241100x80000000000000003907834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9896f12ca6c3eb52022-01-11 12:18:53.589root 11241100x80000000000000003907835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8045db03dfa2c4a92022-01-11 12:18:53.589root 11241100x80000000000000003907836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c0dc3b33ff2c7942022-01-11 12:18:53.589root 11241100x80000000000000003907837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36aace0cded5c3502022-01-11 12:18:53.590root 11241100x80000000000000003907838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48d771494ae066b32022-01-11 12:18:53.590root 11241100x80000000000000003907839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.281101c2fdec775d2022-01-11 12:18:53.590root 11241100x80000000000000003907840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e1f35eb9a0594212022-01-11 12:18:54.084root 11241100x80000000000000003907841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de254b97bc335b472022-01-11 12:18:54.084root 11241100x80000000000000003907842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acbeaeac76436e142022-01-11 12:18:54.084root 11241100x80000000000000003907843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d97515b806db68482022-01-11 12:18:54.084root 11241100x80000000000000003907844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcde0360db67c0312022-01-11 12:18:54.084root 11241100x80000000000000003907845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.643e99d443394ac12022-01-11 12:18:54.084root 11241100x80000000000000003907846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ef22ade11d328d42022-01-11 12:18:54.084root 11241100x80000000000000003907847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55663b4f1dc098e22022-01-11 12:18:54.085root 11241100x80000000000000003907848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a64f9120eb2345eb2022-01-11 12:18:54.085root 11241100x80000000000000003907849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f828f155e294b91f2022-01-11 12:18:54.085root 11241100x80000000000000003907850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.802ba6eda3e60f592022-01-11 12:18:54.085root 11241100x80000000000000003907851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4189ae9fdb15d202022-01-11 12:18:54.085root 11241100x80000000000000003907852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a96a0c3962f424a2022-01-11 12:18:54.085root 11241100x80000000000000003907853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e504012b1d8cdd5f2022-01-11 12:18:54.085root 11241100x80000000000000003907854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f144c883aedbc5662022-01-11 12:18:54.085root 11241100x80000000000000003907855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8db847c252d52cc2022-01-11 12:18:54.085root 11241100x80000000000000003907856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95a5d0f32cc3e6602022-01-11 12:18:54.086root 11241100x80000000000000003907857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96fc5cad1ebcd99b2022-01-11 12:18:54.086root 11241100x80000000000000003907858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dbf0d7c7b96e5c42022-01-11 12:18:54.086root 11241100x80000000000000003907859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b87550fa1adcd8a2022-01-11 12:18:54.086root 11241100x80000000000000003907860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7572ba512dc8fcfa2022-01-11 12:18:54.086root 11241100x80000000000000003907861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ac67fd92945e7192022-01-11 12:18:54.087root 11241100x80000000000000003907862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bcad3892488cd3a2022-01-11 12:18:54.087root 11241100x80000000000000003907863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4276c65246ac34b2022-01-11 12:18:54.087root 11241100x80000000000000003907864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90b94b4266bba38e2022-01-11 12:18:54.087root 11241100x80000000000000003907865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.954dad637e1f5e852022-01-11 12:18:54.087root 11241100x80000000000000003907866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90e863b39c2b43e62022-01-11 12:18:54.088root 11241100x80000000000000003907867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f85037e94e809ae82022-01-11 12:18:54.088root 11241100x80000000000000003907868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7693897ca6c5b4a62022-01-11 12:18:54.088root 11241100x80000000000000003907869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0c3e7fa8bd94aa22022-01-11 12:18:54.088root 11241100x80000000000000003907870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26559af923cc69462022-01-11 12:18:54.088root 11241100x80000000000000003907871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01d7587a5cc445a62022-01-11 12:18:54.088root 11241100x80000000000000003907872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7041f7f90793e9ac2022-01-11 12:18:54.088root 11241100x80000000000000003907873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab4ff5de344936592022-01-11 12:18:54.088root 11241100x80000000000000003907874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32887ce6d6ad006b2022-01-11 12:18:54.089root 11241100x80000000000000003907875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f55335e551307dfd2022-01-11 12:18:54.089root 11241100x80000000000000003907876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5615453bc6a5e2042022-01-11 12:18:54.089root 11241100x80000000000000003907877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0ee4edee95376ca2022-01-11 12:18:54.089root 11241100x80000000000000003907878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fe572e26358f60c2022-01-11 12:18:54.089root 11241100x80000000000000003907879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0746ba395e9ff5a62022-01-11 12:18:54.090root 11241100x80000000000000003907880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d29a5fe340cce00f2022-01-11 12:18:54.090root 11241100x80000000000000003907881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9b5e8009be1156c2022-01-11 12:18:54.090root 11241100x80000000000000003907882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bfe601c1036ba152022-01-11 12:18:54.583root 11241100x80000000000000003907883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7058572dbacb96652022-01-11 12:18:54.583root 11241100x80000000000000003907884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01371b6827d6b0412022-01-11 12:18:54.583root 11241100x80000000000000003907885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7874825ef0ebe32b2022-01-11 12:18:54.584root 11241100x80000000000000003907886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c86d3612bce27d62022-01-11 12:18:54.584root 11241100x80000000000000003907887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c0d9c5588be80062022-01-11 12:18:54.584root 11241100x80000000000000003907888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d797893744de8b9c2022-01-11 12:18:54.584root 11241100x80000000000000003907889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5d3784493f5c54d2022-01-11 12:18:54.584root 11241100x80000000000000003907890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5962b6f8785ca72d2022-01-11 12:18:54.584root 11241100x80000000000000003907891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20bd123c465783772022-01-11 12:18:54.585root 11241100x80000000000000003907892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5700ff81e826f0fb2022-01-11 12:18:54.585root 11241100x80000000000000003907893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afcbbc3a984d35982022-01-11 12:18:54.585root 11241100x80000000000000003907894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f5a38921e9b0bd22022-01-11 12:18:54.586root 11241100x80000000000000003907895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49ff31cd6e242acd2022-01-11 12:18:54.586root 11241100x80000000000000003907896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1327c08f608228b72022-01-11 12:18:54.586root 11241100x80000000000000003907897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b521f0b04aee58fc2022-01-11 12:18:54.586root 11241100x80000000000000003907898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dab9b659bd6362372022-01-11 12:18:54.586root 11241100x80000000000000003907899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ab36ac57fe906b12022-01-11 12:18:54.587root 11241100x80000000000000003907900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.802880bc206756892022-01-11 12:18:54.588root 11241100x80000000000000003907901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f28675b87baa8bf2022-01-11 12:18:54.588root 11241100x80000000000000003907902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b09edafaf993ff772022-01-11 12:18:54.588root 11241100x80000000000000003907903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea8bdc96534bf24a2022-01-11 12:18:54.588root 11241100x80000000000000003907904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c70cfa3f491b4bce2022-01-11 12:18:54.588root 11241100x80000000000000003907905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd76049eb02caeae2022-01-11 12:18:54.589root 11241100x80000000000000003907906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe4b0a8886b9c8e52022-01-11 12:18:54.589root 11241100x80000000000000003907907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4238c8a8b4d92dbe2022-01-11 12:18:54.589root 11241100x80000000000000003907908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97f80ab48f1b891b2022-01-11 12:18:54.589root 11241100x80000000000000003907909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2d9759e2d2607c32022-01-11 12:18:54.589root 11241100x80000000000000003907910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12b9a904f07427f82022-01-11 12:18:54.590root 11241100x80000000000000003907911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff15a4f470e903f82022-01-11 12:18:54.590root 11241100x80000000000000003907912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afe21a0f0b9ab36b2022-01-11 12:18:54.590root 11241100x80000000000000003907913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b4e8e75699c48f02022-01-11 12:18:54.590root 11241100x80000000000000003907914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a53713001d131f82022-01-11 12:18:54.590root 11241100x80000000000000003907915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c843f9e2ed8036d2022-01-11 12:18:54.590root 11241100x80000000000000003907916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a476a6d5f8ace7c62022-01-11 12:18:54.590root 11241100x80000000000000003907917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8654ec4e31d61b2c2022-01-11 12:18:54.591root 11241100x80000000000000003907918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a52e5fa64b5bfac12022-01-11 12:18:54.591root 11241100x80000000000000003907919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79fabb5723f5dd072022-01-11 12:18:54.591root 11241100x80000000000000003907920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05b49dcf5340dd302022-01-11 12:18:54.591root 11241100x80000000000000003907921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1e7cf96291555ce2022-01-11 12:18:54.591root 11241100x80000000000000003907922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79f9c87c64e4d3192022-01-11 12:18:54.591root 11241100x80000000000000003907923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c53eefa919f625622022-01-11 12:18:54.591root 11241100x80000000000000003907924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdbdbd55b8759b662022-01-11 12:18:54.592root 11241100x80000000000000003907925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f380cc86799307dd2022-01-11 12:18:54.592root 11241100x80000000000000003907926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.895{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:18:54.895root 11241100x80000000000000003907927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d428a55344727c382022-01-11 12:18:54.896root 11241100x80000000000000003907928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8f76af8a739a7032022-01-11 12:18:54.896root 11241100x80000000000000003907929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dcba5e1eecadcbd2022-01-11 12:18:54.897root 11241100x80000000000000003907930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d7e4afb0c99a6eb2022-01-11 12:18:54.897root 11241100x80000000000000003907931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.651714b5ce971d992022-01-11 12:18:54.897root 11241100x80000000000000003907932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f59fbd8710ddb5932022-01-11 12:18:54.898root 11241100x80000000000000003907933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f27445a9d4d677c2022-01-11 12:18:54.898root 11241100x80000000000000003907934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96a6b56850b6a8442022-01-11 12:18:54.898root 11241100x80000000000000003907935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06dfdb0f6b74f9f22022-01-11 12:18:54.898root 11241100x80000000000000003907936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ff9c631921b7b002022-01-11 12:18:54.899root 11241100x80000000000000003907937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45275cf0e908435d2022-01-11 12:18:54.899root 11241100x80000000000000003907938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cd14f4140adf3012022-01-11 12:18:54.900root 11241100x80000000000000003907939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72017884a7c715672022-01-11 12:18:54.900root 11241100x80000000000000003907940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a15494cbc83cc2582022-01-11 12:18:54.900root 11241100x80000000000000003907941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b81b067a6609c0872022-01-11 12:18:54.900root 11241100x80000000000000003907942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfc7fb583142aba22022-01-11 12:18:54.900root 11241100x80000000000000003907943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a3a001aaaf499fb2022-01-11 12:18:54.900root 11241100x80000000000000003907944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5370943cb2cf494d2022-01-11 12:18:54.900root 11241100x80000000000000003907945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c22f757d895abea2022-01-11 12:18:54.900root 11241100x80000000000000003907946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1f416532c5bf4512022-01-11 12:18:54.900root 11241100x80000000000000003907947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f9b2715baba30972022-01-11 12:18:54.901root 11241100x80000000000000003907948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b65aa2dfa90c69a2022-01-11 12:18:54.901root 11241100x80000000000000003907949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a12fe575669849702022-01-11 12:18:54.901root 11241100x80000000000000003907950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bc95e97e8d1c0732022-01-11 12:18:54.901root 11241100x80000000000000003907951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a4f10266adc230c2022-01-11 12:18:54.901root 11241100x80000000000000003907952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52854dcc9400d1132022-01-11 12:18:54.901root 11241100x80000000000000003907953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bb10a3f91ae15752022-01-11 12:18:54.901root 11241100x80000000000000003907954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.236cc3ac5fdb9d312022-01-11 12:18:54.901root 11241100x80000000000000003907955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dd22a9f0012acc72022-01-11 12:18:54.901root 11241100x80000000000000003907956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2825597783509c492022-01-11 12:18:54.901root 11241100x80000000000000003907957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8da8d7b0b182c4b42022-01-11 12:18:54.901root 11241100x80000000000000003907958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b86a0594fcd4b752022-01-11 12:18:54.901root 11241100x80000000000000003907959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a738a1e70c617592022-01-11 12:18:54.902root 11241100x80000000000000003907960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9073a7783d0d23fb2022-01-11 12:18:54.902root 11241100x80000000000000003907961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd03f46fae51defd2022-01-11 12:18:54.902root 11241100x80000000000000003907962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e7153ef80ae2c102022-01-11 12:18:54.902root 11241100x80000000000000003907963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40afa5778c2609ed2022-01-11 12:18:54.902root 11241100x80000000000000003907964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c85a3bd5a3d683162022-01-11 12:18:54.902root 11241100x80000000000000003907965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5944a24d0663bc532022-01-11 12:18:54.902root 11241100x80000000000000003907966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b4b46c7acfe23b92022-01-11 12:18:54.902root 11241100x80000000000000003907967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72d2a6087049b4a92022-01-11 12:18:54.902root 11241100x80000000000000003907968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4201c5f13363ed62022-01-11 12:18:55.333root 11241100x80000000000000003907969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d7f428d854a93882022-01-11 12:18:55.333root 11241100x80000000000000003907970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40b749bea14d7e9f2022-01-11 12:18:55.334root 11241100x80000000000000003907971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc0756a37462783f2022-01-11 12:18:55.334root 11241100x80000000000000003907972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f41da054103625832022-01-11 12:18:55.334root 11241100x80000000000000003907973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7f68f76bb2678692022-01-11 12:18:55.334root 11241100x80000000000000003907974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ac7e6582251cf262022-01-11 12:18:55.334root 11241100x80000000000000003907975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f1ddef900c07f4f2022-01-11 12:18:55.334root 11241100x80000000000000003907976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8051849b1802d7a2022-01-11 12:18:55.334root 11241100x80000000000000003907977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cb40b08df1934272022-01-11 12:18:55.334root 11241100x80000000000000003907978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b47b3079256ad6102022-01-11 12:18:55.334root 11241100x80000000000000003907979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eab682b0a5e344442022-01-11 12:18:55.335root 11241100x80000000000000003907980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b64674eec17b5a92022-01-11 12:18:55.335root 11241100x80000000000000003907981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffd4d1cb1021710d2022-01-11 12:18:55.335root 11241100x80000000000000003907982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa23e9427490ddf12022-01-11 12:18:55.335root 11241100x80000000000000003907983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c09b168bbf248da92022-01-11 12:18:55.335root 11241100x80000000000000003907984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e67962504e0b61252022-01-11 12:18:55.335root 11241100x80000000000000003907985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af0e42c11292e31b2022-01-11 12:18:55.335root 11241100x80000000000000003907986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.749a2d7c16f413332022-01-11 12:18:55.335root 11241100x80000000000000003907987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.562a9c4ee86bd0da2022-01-11 12:18:55.336root 11241100x80000000000000003907988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b09563cdf5caba52022-01-11 12:18:55.336root 11241100x80000000000000003907989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b450f8aafdd1bbc72022-01-11 12:18:55.336root 11241100x80000000000000003907990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c27e22c02dae890b2022-01-11 12:18:55.336root 11241100x80000000000000003907991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d46e22f8fa18ca22022-01-11 12:18:55.336root 11241100x80000000000000003907992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cd76cc3cc28d5192022-01-11 12:18:55.336root 11241100x80000000000000003907993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb0b50f635bc4ee22022-01-11 12:18:55.336root 11241100x80000000000000003907994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b25d66b9f9cedddd2022-01-11 12:18:55.336root 11241100x80000000000000003907995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97352cbc5eb9469e2022-01-11 12:18:55.336root 11241100x80000000000000003907996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7b41abdf64091ee2022-01-11 12:18:55.337root 11241100x80000000000000003907997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b286ff86583e8382022-01-11 12:18:55.337root 11241100x80000000000000003907998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c65b29d481165c42022-01-11 12:18:55.337root 11241100x80000000000000003907999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8308cb5a7de36e842022-01-11 12:18:55.337root 11241100x80000000000000003908000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a7b38738ec771342022-01-11 12:18:55.337root 11241100x80000000000000003908001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f3e061eda774e7f2022-01-11 12:18:55.337root 11241100x80000000000000003908002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2caf6e245e0315e2022-01-11 12:18:55.337root 11241100x80000000000000003908003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74a4f9556455d3ca2022-01-11 12:18:55.337root 11241100x80000000000000003908004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a6da94419ed5e192022-01-11 12:18:55.337root 11241100x80000000000000003908005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b337402bd06ca26b2022-01-11 12:18:55.337root 11241100x80000000000000003908006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.615e6ff2bb4276f12022-01-11 12:18:55.338root 11241100x80000000000000003908007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef534485ef6a5e132022-01-11 12:18:55.338root 11241100x80000000000000003908008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0fa1186d75684792022-01-11 12:18:55.834root 11241100x80000000000000003908009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.520f3cb64d78fcb52022-01-11 12:18:55.834root 11241100x80000000000000003908010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56e7f309ed503e802022-01-11 12:18:55.834root 11241100x80000000000000003908011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2779e4641650b292022-01-11 12:18:55.834root 11241100x80000000000000003908012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c860ac1220d1b91a2022-01-11 12:18:55.834root 11241100x80000000000000003908013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d430b0b03c3a9432022-01-11 12:18:55.834root 11241100x80000000000000003908014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad12d5eb0ac7fdae2022-01-11 12:18:55.835root 11241100x80000000000000003908015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6aea48d7e9e383b22022-01-11 12:18:55.835root 11241100x80000000000000003908016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8fecdd5544c13302022-01-11 12:18:55.835root 11241100x80000000000000003908017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad950110aed78ea82022-01-11 12:18:55.835root 11241100x80000000000000003908018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de0700b75a178ff22022-01-11 12:18:55.835root 11241100x80000000000000003908019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4b433fcddd83eba2022-01-11 12:18:55.835root 11241100x80000000000000003908020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6735dc27704fad372022-01-11 12:18:55.835root 11241100x80000000000000003908021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd95c620406bed7d2022-01-11 12:18:55.835root 11241100x80000000000000003908022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12fd12979b8b19ad2022-01-11 12:18:55.835root 11241100x80000000000000003908023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bae19a024c3338d2022-01-11 12:18:55.836root 11241100x80000000000000003908024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6b1ed5e5671d55c2022-01-11 12:18:55.836root 11241100x80000000000000003908025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f0da6895905ffe72022-01-11 12:18:55.836root 11241100x80000000000000003908026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5097f175688877472022-01-11 12:18:55.836root 11241100x80000000000000003908027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fabd21f5a94bfb32022-01-11 12:18:55.836root 11241100x80000000000000003908028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd861bbf4158986e2022-01-11 12:18:55.836root 11241100x80000000000000003908029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd39a6c5ef4f8e5c2022-01-11 12:18:55.836root 11241100x80000000000000003908030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c19721ca7bc6c9322022-01-11 12:18:55.836root 11241100x80000000000000003908031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bded7c1657b0ad52022-01-11 12:18:55.836root 11241100x80000000000000003908032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.725ddf8e52821d532022-01-11 12:18:55.837root 11241100x80000000000000003908033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23aeeac18c56bbec2022-01-11 12:18:55.837root 11241100x80000000000000003908034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99dedae3aa1dcb042022-01-11 12:18:55.837root 11241100x80000000000000003908035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0b6a88f4cb1891c2022-01-11 12:18:55.837root 11241100x80000000000000003908036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84773b18b24b381a2022-01-11 12:18:55.837root 11241100x80000000000000003908037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.126dd5d5fadf8c682022-01-11 12:18:55.837root 11241100x80000000000000003908038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af886cb073d09d8a2022-01-11 12:18:55.837root 11241100x80000000000000003908039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d84b06e8870d10882022-01-11 12:18:55.837root 11241100x80000000000000003908040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df99e2d561dcda7f2022-01-11 12:18:55.838root 11241100x80000000000000003908041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f44e569c5b5ece0f2022-01-11 12:18:55.838root 11241100x80000000000000003908042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.490c2ccb028b10f22022-01-11 12:18:55.838root 11241100x80000000000000003908043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c32d729bc932b9a2022-01-11 12:18:55.838root 11241100x80000000000000003908044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1828efaef4f26962022-01-11 12:18:56.334root 11241100x80000000000000003908045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.440bb8ffac7a701f2022-01-11 12:18:56.334root 11241100x80000000000000003908046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2baf83f613c172ec2022-01-11 12:18:56.334root 11241100x80000000000000003908047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72ff5eeca138ead82022-01-11 12:18:56.334root 11241100x80000000000000003908048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71dd6403906cc7112022-01-11 12:18:56.335root 11241100x80000000000000003908049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a15416d3524fde742022-01-11 12:18:56.335root 11241100x80000000000000003908050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7926ac7ca99642aa2022-01-11 12:18:56.335root 11241100x80000000000000003908051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfd6fe7a2896606a2022-01-11 12:18:56.335root 11241100x80000000000000003908052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83dee3cb5c9d55d42022-01-11 12:18:56.335root 11241100x80000000000000003908053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34f059deddb058402022-01-11 12:18:56.336root 11241100x80000000000000003908054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.423ff8f89d413b0c2022-01-11 12:18:56.336root 11241100x80000000000000003908055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63214a6e2b6a212f2022-01-11 12:18:56.336root 11241100x80000000000000003908056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11c3e468a7ce0e332022-01-11 12:18:56.336root 11241100x80000000000000003908057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9004e64a9ea700492022-01-11 12:18:56.336root 11241100x80000000000000003908058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3891c0211a98ac512022-01-11 12:18:56.337root 11241100x80000000000000003908059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9938fe19acfc8642022-01-11 12:18:56.337root 11241100x80000000000000003908060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d509ba5ac11e5412022-01-11 12:18:56.337root 11241100x80000000000000003908061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65284ce8cf09933b2022-01-11 12:18:56.337root 11241100x80000000000000003908062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16950e15dfdf99302022-01-11 12:18:56.337root 11241100x80000000000000003908063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f216f0badf746ad2022-01-11 12:18:56.337root 11241100x80000000000000003908064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f9c43796908e1cd2022-01-11 12:18:56.337root 11241100x80000000000000003908065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8134777525fc82472022-01-11 12:18:56.338root 11241100x80000000000000003908066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.037b97b1d4dfad7a2022-01-11 12:18:56.338root 11241100x80000000000000003908067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.569b034d2cbe621c2022-01-11 12:18:56.338root 11241100x80000000000000003908068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e7a54aa0e3bd6972022-01-11 12:18:56.338root 11241100x80000000000000003908069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.223f02ef132bc0b42022-01-11 12:18:56.338root 11241100x80000000000000003908070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e0b9193838b4f412022-01-11 12:18:56.338root 11241100x80000000000000003908071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82ea6a53c570dd832022-01-11 12:18:56.338root 11241100x80000000000000003908072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36ae02b660dd5cc42022-01-11 12:18:56.338root 11241100x80000000000000003908073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc6628903e8c049a2022-01-11 12:18:56.338root 11241100x80000000000000003908074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.793bfc50e39475bc2022-01-11 12:18:56.338root 11241100x80000000000000003908075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b78d1c0f5d1553912022-01-11 12:18:56.340root 11241100x80000000000000003908076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b14057e0accf39f2022-01-11 12:18:56.340root 11241100x80000000000000003908077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5f0dc02bdf96dc52022-01-11 12:18:56.340root 11241100x80000000000000003908078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c1a26d2a5f124352022-01-11 12:18:56.340root 11241100x80000000000000003908079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e806ca30ffd27172022-01-11 12:18:56.340root 11241100x80000000000000003908080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bf01661b4215c5c2022-01-11 12:18:56.340root 11241100x80000000000000003908081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec3890db6db98b2f2022-01-11 12:18:56.341root 11241100x80000000000000003908082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68a730e3975834552022-01-11 12:18:56.833root 11241100x80000000000000003908083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28a58883b75df5342022-01-11 12:18:56.834root 11241100x80000000000000003908084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d2717a93bced6c62022-01-11 12:18:56.834root 11241100x80000000000000003908085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6bf88d39166afe72022-01-11 12:18:56.834root 11241100x80000000000000003908086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72464f2e8571e9972022-01-11 12:18:56.834root 11241100x80000000000000003908087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77c59e3b0c499f6b2022-01-11 12:18:56.834root 11241100x80000000000000003908088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dda59b955caeeacb2022-01-11 12:18:56.835root 11241100x80000000000000003908089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70fdfdb6216a78662022-01-11 12:18:56.835root 11241100x80000000000000003908090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ba8efd88c83bbb72022-01-11 12:18:56.835root 11241100x80000000000000003908091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f42916bb75640b0b2022-01-11 12:18:56.835root 11241100x80000000000000003908092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c0078048597a4752022-01-11 12:18:56.835root 11241100x80000000000000003908093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9f169ef2a2e32442022-01-11 12:18:56.835root 11241100x80000000000000003908094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc24966da5cd63102022-01-11 12:18:56.836root 11241100x80000000000000003908095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09b22e9d21ddb8272022-01-11 12:18:56.836root 11241100x80000000000000003908096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7313776fb64eebe22022-01-11 12:18:56.836root 11241100x80000000000000003908097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eea605f6a10cbe592022-01-11 12:18:56.836root 11241100x80000000000000003908098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d84545b1d7d061a2022-01-11 12:18:56.836root 11241100x80000000000000003908099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a2ca47fdec4f7412022-01-11 12:18:56.837root 11241100x80000000000000003908100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7754e0f56595ebb2022-01-11 12:18:56.837root 11241100x80000000000000003908101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52a130ba7a6125472022-01-11 12:18:56.837root 11241100x80000000000000003908102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a0904f985625daf2022-01-11 12:18:56.837root 11241100x80000000000000003908103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd9172c5fe78e65b2022-01-11 12:18:56.837root 11241100x80000000000000003908104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9b6fdaa135cd8402022-01-11 12:18:56.837root 11241100x80000000000000003908105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec71153bbe483ead2022-01-11 12:18:56.837root 11241100x80000000000000003908106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2f01a53da80c3f62022-01-11 12:18:56.838root 11241100x80000000000000003908107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd17f077ad6ed7812022-01-11 12:18:56.838root 11241100x80000000000000003908108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47e2cd35e35dc2742022-01-11 12:18:56.838root 11241100x80000000000000003908109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d12437ef7d5008122022-01-11 12:18:56.838root 11241100x80000000000000003908110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e59c286f85fbd6ab2022-01-11 12:18:56.838root 11241100x80000000000000003908111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.461010aceecedb7b2022-01-11 12:18:56.838root 11241100x80000000000000003908112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4beb8ba9ca76c7a2022-01-11 12:18:56.838root 11241100x80000000000000003908113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3fe98e040d125d82022-01-11 12:18:56.838root 11241100x80000000000000003908114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.167d3a3eee67b7f62022-01-11 12:18:56.838root 11241100x80000000000000003908115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2a55d9a8795e4ce2022-01-11 12:18:56.839root 11241100x80000000000000003908116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af8abf7071c78a912022-01-11 12:18:56.839root 11241100x80000000000000003908117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c90b1cc6bccec242022-01-11 12:18:56.839root 11241100x80000000000000003908118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94c4475b6f9c799e2022-01-11 12:18:56.839root 11241100x80000000000000003908119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ebede149590f7902022-01-11 12:18:56.839root 11241100x80000000000000003908120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5f9dfc402a161542022-01-11 12:18:56.839root 354300x80000000000000003908121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.019{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56258-false10.0.1.12-8000- 11241100x80000000000000003908122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eab1f3549119bd32022-01-11 12:18:57.334root 11241100x80000000000000003908123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac932dc447b25e7a2022-01-11 12:18:57.334root 11241100x80000000000000003908124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9755f14db539db692022-01-11 12:18:57.334root 11241100x80000000000000003908125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f82f1f011c6576802022-01-11 12:18:57.334root 11241100x80000000000000003908126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31b72c5ddb63faaf2022-01-11 12:18:57.334root 11241100x80000000000000003908127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faca0500dacd531a2022-01-11 12:18:57.334root 11241100x80000000000000003908128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c5b8f82695845462022-01-11 12:18:57.335root 11241100x80000000000000003908129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9293fb55552c9242022-01-11 12:18:57.335root 11241100x80000000000000003908130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3298edf0e8cb96a2022-01-11 12:18:57.335root 11241100x80000000000000003908131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f982842a4751bf5f2022-01-11 12:18:57.335root 11241100x80000000000000003908132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbe959ea65fdc65b2022-01-11 12:18:57.335root 11241100x80000000000000003908133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13b99f2d354e04042022-01-11 12:18:57.335root 11241100x80000000000000003908134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b8fafb76d5378052022-01-11 12:18:57.335root 11241100x80000000000000003908135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb36e4203732aed92022-01-11 12:18:57.336root 11241100x80000000000000003908136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c69281f19447efdb2022-01-11 12:18:57.336root 11241100x80000000000000003908137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.506a6e0b79723f062022-01-11 12:18:57.336root 11241100x80000000000000003908138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b16e3148004fb0842022-01-11 12:18:57.336root 11241100x80000000000000003908139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.032386b4bc7af8f52022-01-11 12:18:57.336root 11241100x80000000000000003908140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80ee533bf161701c2022-01-11 12:18:57.336root 11241100x80000000000000003908141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.514a0224803cc5002022-01-11 12:18:57.336root 11241100x80000000000000003908142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caad55ffc88ad7742022-01-11 12:18:57.336root 11241100x80000000000000003908143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62f969fa64b05d2b2022-01-11 12:18:57.336root 11241100x80000000000000003908144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6503743acd9611eb2022-01-11 12:18:57.337root 11241100x80000000000000003908145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d063affda0f5b7de2022-01-11 12:18:57.337root 11241100x80000000000000003908146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b95a0bf0eb660d742022-01-11 12:18:57.337root 11241100x80000000000000003908147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18ee66917c03e6942022-01-11 12:18:57.337root 11241100x80000000000000003908148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c97662e6f5ce1e742022-01-11 12:18:57.337root 11241100x80000000000000003908149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.635426147321918d2022-01-11 12:18:57.337root 11241100x80000000000000003908150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9043a5b09ce488af2022-01-11 12:18:57.338root 11241100x80000000000000003908151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a5cf33b78a854382022-01-11 12:18:57.338root 11241100x80000000000000003908152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94e19ebdeea756d12022-01-11 12:18:57.338root 11241100x80000000000000003908153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b99375d2334d72f2022-01-11 12:18:57.338root 11241100x80000000000000003908154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.102940ea97ac0a752022-01-11 12:18:57.338root 11241100x80000000000000003908155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd5ab8a780614de12022-01-11 12:18:57.338root 11241100x80000000000000003908156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e46e51f00c1589d2022-01-11 12:18:57.338root 11241100x80000000000000003908157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfdf8b562aa2439d2022-01-11 12:18:57.339root 11241100x80000000000000003908158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d5cd8dbbdeede0e2022-01-11 12:18:57.339root 11241100x80000000000000003908159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb44b50a9bd7ab682022-01-11 12:18:57.339root 11241100x80000000000000003908160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ee99366f844698c2022-01-11 12:18:57.339root 11241100x80000000000000003908161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.082a1b004bac4eb42022-01-11 12:18:57.834root 11241100x80000000000000003908162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed5bcdc92cd841ac2022-01-11 12:18:57.834root 11241100x80000000000000003908163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2406153b8a76119a2022-01-11 12:18:57.834root 11241100x80000000000000003908164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9082987c702226422022-01-11 12:18:57.834root 11241100x80000000000000003908165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc799d057e2c847f2022-01-11 12:18:57.834root 11241100x80000000000000003908166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c107925b6e8e33462022-01-11 12:18:57.834root 11241100x80000000000000003908167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6b7bc96af77bfdf2022-01-11 12:18:57.834root 11241100x80000000000000003908168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9255fd7ecda371f2022-01-11 12:18:57.834root 11241100x80000000000000003908169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc6f3801a0e088db2022-01-11 12:18:57.835root 11241100x80000000000000003908170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d3b947edb11f04e2022-01-11 12:18:57.835root 11241100x80000000000000003908171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57d6d712919551852022-01-11 12:18:57.835root 11241100x80000000000000003908172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a3f00e73c46dc7d2022-01-11 12:18:57.835root 11241100x80000000000000003908173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.356f6ae45ec3825b2022-01-11 12:18:57.835root 11241100x80000000000000003908174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ace5100282a0e9292022-01-11 12:18:57.835root 11241100x80000000000000003908175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cd2d2e70a05cd792022-01-11 12:18:57.835root 11241100x80000000000000003908176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.056f9da728c068b92022-01-11 12:18:57.836root 11241100x80000000000000003908177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6ee0ff7b49445942022-01-11 12:18:57.836root 11241100x80000000000000003908178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb5f3e03c2938b0a2022-01-11 12:18:57.836root 11241100x80000000000000003908179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc9f49867c9e1b382022-01-11 12:18:57.836root 11241100x80000000000000003908180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.867529837161709f2022-01-11 12:18:57.836root 11241100x80000000000000003908181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6377988eda26d06a2022-01-11 12:18:57.836root 11241100x80000000000000003908182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ee90f6b94aabe942022-01-11 12:18:57.837root 11241100x80000000000000003908183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c195af3dbf0b5d32022-01-11 12:18:57.837root 11241100x80000000000000003908184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf4f046fdc9f3b3b2022-01-11 12:18:57.837root 11241100x80000000000000003908185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.427a04f97ce6c6de2022-01-11 12:18:57.837root 11241100x80000000000000003908186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b8707a3eb4565742022-01-11 12:18:57.837root 11241100x80000000000000003908187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6d35825ad02ed9a2022-01-11 12:18:57.837root 11241100x80000000000000003908188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bce4fa4ff8da0cc2022-01-11 12:18:57.837root 11241100x80000000000000003908189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.518d0bbcf26d822d2022-01-11 12:18:57.837root 11241100x80000000000000003908190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1375e36fe91d75292022-01-11 12:18:57.837root 11241100x80000000000000003908191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52e25f444451e0982022-01-11 12:18:57.838root 11241100x80000000000000003908192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83f25f933e504d962022-01-11 12:18:57.838root 11241100x80000000000000003908193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96953911f2f0fb6c2022-01-11 12:18:57.838root 11241100x80000000000000003908194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.719257b2ae40f4092022-01-11 12:18:57.838root 11241100x80000000000000003908195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60d83b4dabbf8b932022-01-11 12:18:57.838root 11241100x80000000000000003908196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4daf92984cf918162022-01-11 12:18:57.838root 11241100x80000000000000003908197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b6960028d4816d12022-01-11 12:18:57.838root 11241100x80000000000000003908198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c510f8ac17dd6dc2022-01-11 12:18:57.839root 23542300x80000000000000003908199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.896{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003908200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5208ee11670e6f92022-01-11 12:18:58.333root 11241100x80000000000000003908201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23b583198da6823c2022-01-11 12:18:58.333root 11241100x80000000000000003908202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b23fa36b1c852412022-01-11 12:18:58.333root 11241100x80000000000000003908203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b88655747d8cb5f52022-01-11 12:18:58.334root 11241100x80000000000000003908204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfccc317ae31ce6f2022-01-11 12:18:58.334root 11241100x80000000000000003908205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4c432a1fdc8fbcd2022-01-11 12:18:58.334root 11241100x80000000000000003908206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f263891c837ee78f2022-01-11 12:18:58.334root 11241100x80000000000000003908207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40f0c2510594aea72022-01-11 12:18:58.334root 11241100x80000000000000003908208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.926d09376d808aa02022-01-11 12:18:58.334root 11241100x80000000000000003908209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cecb9af6c90779262022-01-11 12:18:58.335root 11241100x80000000000000003908210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61f09e0b16c3da892022-01-11 12:18:58.335root 11241100x80000000000000003908211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f00cd73a537c7fa82022-01-11 12:18:58.335root 11241100x80000000000000003908212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bb05630239103882022-01-11 12:18:58.335root 11241100x80000000000000003908213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5231a3f168a28a712022-01-11 12:18:58.335root 11241100x80000000000000003908214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2738792b05c7dce42022-01-11 12:18:58.335root 11241100x80000000000000003908215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5384aabe06d37c82022-01-11 12:18:58.335root 11241100x80000000000000003908216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd189bcd34b0d2222022-01-11 12:18:58.335root 11241100x80000000000000003908217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce7c111b61700cc82022-01-11 12:18:58.335root 11241100x80000000000000003908218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.468aa77cfbdb2ff52022-01-11 12:18:58.336root 11241100x80000000000000003908219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b084d40d720b48a2022-01-11 12:18:58.336root 11241100x80000000000000003908220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d43c17305fe4c41b2022-01-11 12:18:58.336root 11241100x80000000000000003908221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aa09e09d67820532022-01-11 12:18:58.336root 11241100x80000000000000003908222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.461c231e4c657c4f2022-01-11 12:18:58.336root 11241100x80000000000000003908223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84cbdd92b5d080062022-01-11 12:18:58.336root 11241100x80000000000000003908224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af7f72e27250de882022-01-11 12:18:58.336root 11241100x80000000000000003908225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e5444367e74b98c2022-01-11 12:18:58.337root 11241100x80000000000000003908226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2431f8bc3053b6132022-01-11 12:18:58.337root 11241100x80000000000000003908227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77973779362f92c12022-01-11 12:18:58.337root 11241100x80000000000000003908228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a39d24a0ba854bb62022-01-11 12:18:58.337root 11241100x80000000000000003908229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b458ef39c8adf2e2022-01-11 12:18:58.337root 11241100x80000000000000003908230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80c588c35da1174c2022-01-11 12:18:58.337root 11241100x80000000000000003908231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.000515f9233dc34f2022-01-11 12:18:58.337root 11241100x80000000000000003908232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84291234e95cecb42022-01-11 12:18:58.337root 11241100x80000000000000003908233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e90562287b22b62a2022-01-11 12:18:58.337root 11241100x80000000000000003908234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76b0f560e99397d72022-01-11 12:18:58.337root 11241100x80000000000000003908235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.813e10103054e2652022-01-11 12:18:58.338root 11241100x80000000000000003908236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5113c5b12a85a4662022-01-11 12:18:58.338root 11241100x80000000000000003908237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fdfbdb64276ec1c2022-01-11 12:18:58.338root 11241100x80000000000000003908238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53c04bff5e2b24f72022-01-11 12:18:58.338root 11241100x80000000000000003908239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b04fa66209a4a8c72022-01-11 12:18:58.338root 11241100x80000000000000003908240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07f71831b3a157632022-01-11 12:18:58.338root 11241100x80000000000000003908241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06befb9eb137f0c02022-01-11 12:18:58.338root 11241100x80000000000000003908242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f06e1fb67b63b092022-01-11 12:18:58.338root 11241100x80000000000000003908243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7d7e51ccccaf4052022-01-11 12:18:58.338root 11241100x80000000000000003908244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38053e77af9449fa2022-01-11 12:18:58.339root 11241100x80000000000000003908245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ca7e44cbad8836f2022-01-11 12:18:58.339root 11241100x80000000000000003908246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61304a884544c3c52022-01-11 12:18:58.339root 11241100x80000000000000003908247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62d83d0f8a3c9ce92022-01-11 12:18:58.339root 11241100x80000000000000003908248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.947f427ee12c6a5a2022-01-11 12:18:58.339root 11241100x80000000000000003908249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eef339c411cf86d2022-01-11 12:18:58.339root 11241100x80000000000000003908250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2af2430d615dc37d2022-01-11 12:18:58.339root 11241100x80000000000000003908251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee0aca3274031a512022-01-11 12:18:58.339root 11241100x80000000000000003908252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.714d30db7ad030e82022-01-11 12:18:58.339root 11241100x80000000000000003908253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f681f29f14e0f0612022-01-11 12:18:58.340root 11241100x80000000000000003908254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39afb4fcffa8a5912022-01-11 12:18:58.340root 11241100x80000000000000003908255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3a5c7a605e62f2b2022-01-11 12:18:58.340root 11241100x80000000000000003908256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.484765c2cf77c4282022-01-11 12:18:58.340root 11241100x80000000000000003908257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d6a12590d394bfd2022-01-11 12:18:58.340root 11241100x80000000000000003908258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3affbc5a11d93ef2022-01-11 12:18:58.340root 11241100x80000000000000003908259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3795c4bca98260a82022-01-11 12:18:58.340root 11241100x80000000000000003908260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87c9e6b2cb7fb8ab2022-01-11 12:18:58.340root 11241100x80000000000000003908261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccae8ffd440eff2c2022-01-11 12:18:58.340root 11241100x80000000000000003908262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd015002166f56f62022-01-11 12:18:58.341root 11241100x80000000000000003908263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3e4b994728af9122022-01-11 12:18:58.341root 11241100x80000000000000003908264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2425db0d79439ae2022-01-11 12:18:58.341root 11241100x80000000000000003908265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8494dc905c597492022-01-11 12:18:58.342root 11241100x80000000000000003908266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79ab6cf42e4c31322022-01-11 12:18:58.342root 11241100x80000000000000003908267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c3c137e99bd91ab2022-01-11 12:18:58.342root 11241100x80000000000000003908268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49b7258b6b3fcd2a2022-01-11 12:18:58.342root 11241100x80000000000000003908269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c83b36936f93f8992022-01-11 12:18:58.342root 11241100x80000000000000003908270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f00969afc5dde512022-01-11 12:18:58.342root 11241100x80000000000000003908271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.343{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.434a87200237b54e2022-01-11 12:18:58.343root 11241100x80000000000000003908272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.343{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d424594bf83e20cf2022-01-11 12:18:58.343root 11241100x80000000000000003908273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.343{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc357397d3e25a0d2022-01-11 12:18:58.343root 11241100x80000000000000003908274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.343{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c6dff5b16f0923b2022-01-11 12:18:58.343root 11241100x80000000000000003908275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.343{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41e4cb9a6cf2bd1d2022-01-11 12:18:58.343root 11241100x80000000000000003908276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2439754fa7a39802022-01-11 12:18:58.344root 11241100x80000000000000003908277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8706ae8d151261c2022-01-11 12:18:58.344root 11241100x80000000000000003908278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e8676d5c18d93ee2022-01-11 12:18:58.344root 11241100x80000000000000003908279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cb1b712ca7c51df2022-01-11 12:18:58.344root 11241100x80000000000000003908280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.655c45c1495360e12022-01-11 12:18:58.344root 11241100x80000000000000003908281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c7fb2e6e3a416422022-01-11 12:18:58.345root 11241100x80000000000000003908282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bde88cd986971972022-01-11 12:18:58.345root 11241100x80000000000000003908283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54ec11e74283ed912022-01-11 12:18:58.345root 11241100x80000000000000003908284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9de8129e0081eb172022-01-11 12:18:58.345root 11241100x80000000000000003908285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.203f9dc3ecb01b8f2022-01-11 12:18:58.345root 11241100x80000000000000003908286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3c0bd65ce189f7d2022-01-11 12:18:58.345root 11241100x80000000000000003908287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91870c4e7036d01f2022-01-11 12:18:58.345root 11241100x80000000000000003908288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.984197dfdf1ba3dc2022-01-11 12:18:58.345root 11241100x80000000000000003908289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e7fc90101e679fa2022-01-11 12:18:58.346root 11241100x80000000000000003908290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.425ae42834b5a4bc2022-01-11 12:18:58.346root 11241100x80000000000000003908291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3d9e33cf97f69222022-01-11 12:18:58.346root 11241100x80000000000000003908292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca33adab36a7339a2022-01-11 12:18:58.346root 11241100x80000000000000003908293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32053455bb8c22b32022-01-11 12:18:58.346root 11241100x80000000000000003908294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25950aab0d0399752022-01-11 12:18:58.346root 11241100x80000000000000003908295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3701bc2b3985c74d2022-01-11 12:18:58.346root 11241100x80000000000000003908296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44c8b3ec0dcd584b2022-01-11 12:18:58.346root 11241100x80000000000000003908297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a582e3aa79212232022-01-11 12:18:58.833root 11241100x80000000000000003908298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.790aac4edbfd92be2022-01-11 12:18:58.834root 11241100x80000000000000003908299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12b2cf702f9828382022-01-11 12:18:58.834root 11241100x80000000000000003908300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d8cfbb67a3e187c2022-01-11 12:18:58.834root 11241100x80000000000000003908301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d987bb93af057af02022-01-11 12:18:58.834root 11241100x80000000000000003908302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2c1ae46bbf86fec2022-01-11 12:18:58.834root 11241100x80000000000000003908303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2b2164cda0b0c4a2022-01-11 12:18:58.835root 11241100x80000000000000003908304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f50179712eb5059d2022-01-11 12:18:58.835root 11241100x80000000000000003908305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb8a72b68121f95b2022-01-11 12:18:58.835root 11241100x80000000000000003908306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c916d052070db9332022-01-11 12:18:58.835root 11241100x80000000000000003908307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.392523ccba435e0e2022-01-11 12:18:58.836root 11241100x80000000000000003908308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76c80d4f1bdbb7ef2022-01-11 12:18:58.836root 11241100x80000000000000003908309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e745a34ebc81c332022-01-11 12:18:58.836root 11241100x80000000000000003908310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcfc73fae2440f1d2022-01-11 12:18:58.836root 11241100x80000000000000003908311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ba3812a9b8966fb2022-01-11 12:18:58.836root 11241100x80000000000000003908312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fac09fbc3b26b9ba2022-01-11 12:18:58.836root 11241100x80000000000000003908313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe1488a8568f4e752022-01-11 12:18:58.837root 11241100x80000000000000003908314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f76f320e3f40f142022-01-11 12:18:58.837root 11241100x80000000000000003908315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36d569b6fb51e0462022-01-11 12:18:58.837root 11241100x80000000000000003908316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7326299bd157b5ca2022-01-11 12:18:58.837root 11241100x80000000000000003908317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c35f3ab831823f52022-01-11 12:18:58.837root 11241100x80000000000000003908318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a0b4afd71b48e242022-01-11 12:18:58.837root 11241100x80000000000000003908319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2895cd51aef730432022-01-11 12:18:58.837root 11241100x80000000000000003908320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3c817db635304cd2022-01-11 12:18:58.837root 11241100x80000000000000003908321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.439c20b8c94083bc2022-01-11 12:18:58.837root 11241100x80000000000000003908322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce568089dba785232022-01-11 12:18:58.838root 11241100x80000000000000003908323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9287460bc02ada522022-01-11 12:18:58.838root 11241100x80000000000000003908324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd3844f0b8277c6d2022-01-11 12:18:58.838root 11241100x80000000000000003908325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2af2e404ebf3bfe72022-01-11 12:18:58.838root 11241100x80000000000000003908326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4131f2f1e216b5572022-01-11 12:18:58.838root 11241100x80000000000000003908327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d86b3057f4d43fd2022-01-11 12:18:58.838root 11241100x80000000000000003908328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6a07f9dc11e90ad2022-01-11 12:18:58.838root 11241100x80000000000000003908329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce70076f95b1da792022-01-11 12:18:58.838root 11241100x80000000000000003908330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa6110d0ee1385e22022-01-11 12:18:58.838root 11241100x80000000000000003908331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d1064b95450daa92022-01-11 12:18:58.838root 11241100x80000000000000003908332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.157a3a2ceca76f4e2022-01-11 12:18:58.839root 11241100x80000000000000003908333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fbaff28f76746d42022-01-11 12:18:58.839root 11241100x80000000000000003908334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4be126f5594bb0b12022-01-11 12:18:58.839root 11241100x80000000000000003908335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ef9c3ee81013f0a2022-01-11 12:18:58.839root 11241100x80000000000000003908336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.939f61d7cca63f102022-01-11 12:18:58.839root 11241100x80000000000000003908337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9313c9b3e1cb015a2022-01-11 12:18:59.333root 11241100x80000000000000003908338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dff703ca9d686dee2022-01-11 12:18:59.334root 11241100x80000000000000003908339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d1076c5dde13a502022-01-11 12:18:59.334root 11241100x80000000000000003908340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0967ad6878d4f0c22022-01-11 12:18:59.334root 11241100x80000000000000003908341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6a6cd180aa3858a2022-01-11 12:18:59.335root 11241100x80000000000000003908342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ea9ec03592619f62022-01-11 12:18:59.336root 11241100x80000000000000003908343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.782da9a84e4035242022-01-11 12:18:59.336root 11241100x80000000000000003908344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.893ccddd2f43eef32022-01-11 12:18:59.336root 11241100x80000000000000003908345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43ceba2b4a3a30dd2022-01-11 12:18:59.336root 11241100x80000000000000003908346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97c239a85e6ac8b52022-01-11 12:18:59.336root 11241100x80000000000000003908347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43d43ce8118f4de02022-01-11 12:18:59.336root 11241100x80000000000000003908348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97da28af121a1e9d2022-01-11 12:18:59.336root 11241100x80000000000000003908349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eac4e828745d9b492022-01-11 12:18:59.336root 11241100x80000000000000003908350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87401b576ace96e42022-01-11 12:18:59.336root 11241100x80000000000000003908351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f594b59545bcc9db2022-01-11 12:18:59.336root 11241100x80000000000000003908352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d96ee2c2594ef592022-01-11 12:18:59.337root 11241100x80000000000000003908353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77c96c95bb8825e12022-01-11 12:18:59.337root 11241100x80000000000000003908354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e5c3ad12d83b8ca2022-01-11 12:18:59.337root 11241100x80000000000000003908355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b932fac9944cee32022-01-11 12:18:59.337root 11241100x80000000000000003908356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.377297fd3a6743ed2022-01-11 12:18:59.337root 11241100x80000000000000003908357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.037968114ce1f70f2022-01-11 12:18:59.337root 11241100x80000000000000003908358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caed58e65219e4c12022-01-11 12:18:59.337root 11241100x80000000000000003908359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8decad27fd762602022-01-11 12:18:59.337root 11241100x80000000000000003908360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85c39038e4227b672022-01-11 12:18:59.337root 11241100x80000000000000003908361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.802a65bc38becd892022-01-11 12:18:59.337root 11241100x80000000000000003908362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3ce1ac505c5c9ec2022-01-11 12:18:59.337root 11241100x80000000000000003908363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48a0028a00de52e92022-01-11 12:18:59.337root 11241100x80000000000000003908364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ef9d6c0d81844782022-01-11 12:18:59.337root 11241100x80000000000000003908365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d776f447df19114c2022-01-11 12:18:59.337root 11241100x80000000000000003908366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.463d7e4a27d4c17a2022-01-11 12:18:59.337root 11241100x80000000000000003908367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3de3c840b73d1d772022-01-11 12:18:59.337root 11241100x80000000000000003908368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.259a972c7f10bd5c2022-01-11 12:18:59.338root 11241100x80000000000000003908369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.694fb8fd547e0c7b2022-01-11 12:18:59.338root 11241100x80000000000000003908370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10e17a00561b04ee2022-01-11 12:18:59.338root 11241100x80000000000000003908371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a83cf61ae2a8b8912022-01-11 12:18:59.338root 11241100x80000000000000003908372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c93009d7f3ee5962022-01-11 12:18:59.338root 11241100x80000000000000003908373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f20c161e43b7df62022-01-11 12:18:59.338root 11241100x80000000000000003908374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b862a256b7db55982022-01-11 12:18:59.338root 11241100x80000000000000003908375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21eca8f722ec10052022-01-11 12:18:59.338root 11241100x80000000000000003908376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1592d08d16de80872022-01-11 12:18:59.338root 11241100x80000000000000003908377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5309f7746ba48b5a2022-01-11 12:18:59.338root 11241100x80000000000000003908378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a51fa88c02aa2b12022-01-11 12:18:59.338root 11241100x80000000000000003908379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a87892f3613ff6262022-01-11 12:18:59.833root 11241100x80000000000000003908380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6bdeb977786b6a92022-01-11 12:18:59.834root 11241100x80000000000000003908381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fcdea87fef6baff2022-01-11 12:18:59.834root 11241100x80000000000000003908382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cce6a8473d30df5c2022-01-11 12:18:59.835root 11241100x80000000000000003908383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be0b9a17ef4492a52022-01-11 12:18:59.835root 11241100x80000000000000003908384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faa99cbd8b39f12c2022-01-11 12:18:59.835root 11241100x80000000000000003908385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b37486175ff799e92022-01-11 12:18:59.835root 11241100x80000000000000003908386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3525d55b0a2969a2022-01-11 12:18:59.836root 11241100x80000000000000003908387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3a62d78066a1d982022-01-11 12:18:59.836root 11241100x80000000000000003908388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.214f7d11d73b724a2022-01-11 12:18:59.836root 11241100x80000000000000003908389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95c258026a14ef8c2022-01-11 12:18:59.836root 11241100x80000000000000003908390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47b2ea4f9798234d2022-01-11 12:18:59.836root 11241100x80000000000000003908391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2b9c863cb9d87072022-01-11 12:18:59.836root 11241100x80000000000000003908392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.097c993a665088692022-01-11 12:18:59.836root 11241100x80000000000000003908393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a19144e56ec5644f2022-01-11 12:18:59.836root 11241100x80000000000000003908394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d06fd810ea2e62942022-01-11 12:18:59.837root 11241100x80000000000000003908395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c53aab957a991a862022-01-11 12:18:59.837root 11241100x80000000000000003908396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a2d4fcec5ca7ac72022-01-11 12:18:59.837root 11241100x80000000000000003908397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04e4e30404d104542022-01-11 12:18:59.837root 11241100x80000000000000003908398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b01cff17dcf886842022-01-11 12:18:59.837root 11241100x80000000000000003908399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.828d1e0ed845243e2022-01-11 12:18:59.837root 11241100x80000000000000003908400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e2c5a6ceb966a812022-01-11 12:18:59.837root 11241100x80000000000000003908401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6733c44cf5b097722022-01-11 12:18:59.837root 11241100x80000000000000003908402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c92c8f11551ef8f2022-01-11 12:18:59.837root 11241100x80000000000000003908403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef4b49191c5357fa2022-01-11 12:18:59.837root 11241100x80000000000000003908404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a7315c7379cc9ca2022-01-11 12:18:59.838root 11241100x80000000000000003908405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55cd62270136aa422022-01-11 12:18:59.838root 11241100x80000000000000003908406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f573b00d7d912ddc2022-01-11 12:18:59.838root 11241100x80000000000000003908407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce05f348b4566b312022-01-11 12:18:59.838root 11241100x80000000000000003908408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.811de947755be3012022-01-11 12:18:59.838root 11241100x80000000000000003908409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2352d11001842c42022-01-11 12:18:59.838root 11241100x80000000000000003908410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2b54a42f686d0d72022-01-11 12:18:59.838root 11241100x80000000000000003908411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d593912811ba25992022-01-11 12:18:59.838root 11241100x80000000000000003908412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5944bbb32eead6d2022-01-11 12:18:59.838root 11241100x80000000000000003908413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6178653857f2b3a2022-01-11 12:18:59.839root 11241100x80000000000000003908414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.093eb97e9ae2a0e62022-01-11 12:18:59.839root 11241100x80000000000000003908415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d6f05c92dc0b2b82022-01-11 12:18:59.839root 11241100x80000000000000003908416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a76dcf267d453a9a2022-01-11 12:18:59.839root 11241100x80000000000000003908417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90f58c75c33be7732022-01-11 12:18:59.839root 11241100x80000000000000003908418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be4207742e739bac2022-01-11 12:18:59.839root 11241100x80000000000000003908419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db68cf90e1f5199c2022-01-11 12:18:59.840root 11241100x80000000000000003908420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.942a787abfeb45fb2022-01-11 12:19:00.333root 11241100x80000000000000003908421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc0577b04d75f9082022-01-11 12:19:00.334root 11241100x80000000000000003908422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b15e487e742d39a2022-01-11 12:19:00.334root 11241100x80000000000000003908423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9c1816f1310ce792022-01-11 12:19:00.334root 11241100x80000000000000003908424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0803711dad5114082022-01-11 12:19:00.335root 11241100x80000000000000003908425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89456cf58363803e2022-01-11 12:19:00.335root 11241100x80000000000000003908426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e4897657ceab26e2022-01-11 12:19:00.335root 11241100x80000000000000003908427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e5e4c403856ca8f2022-01-11 12:19:00.335root 11241100x80000000000000003908428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc52cee408ccf1db2022-01-11 12:19:00.335root 11241100x80000000000000003908429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc4f3d58a68d2cdb2022-01-11 12:19:00.335root 11241100x80000000000000003908430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.985daa05a40aabb52022-01-11 12:19:00.335root 11241100x80000000000000003908431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b844732a45b63d0b2022-01-11 12:19:00.335root 11241100x80000000000000003908432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c825a2655d53c5af2022-01-11 12:19:00.335root 11241100x80000000000000003908433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abf3f5166d7905e52022-01-11 12:19:00.335root 11241100x80000000000000003908434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8923e556ab2fcf112022-01-11 12:19:00.335root 11241100x80000000000000003908435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b11c056799dcffdb2022-01-11 12:19:00.336root 11241100x80000000000000003908436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.248e11f2e9eb7eef2022-01-11 12:19:00.336root 11241100x80000000000000003908437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d21abeba151b6bba2022-01-11 12:19:00.336root 11241100x80000000000000003908438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee1faad1b26b674e2022-01-11 12:19:00.336root 11241100x80000000000000003908439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2aca8fac07151a572022-01-11 12:19:00.336root 11241100x80000000000000003908440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23b111755d0014de2022-01-11 12:19:00.336root 11241100x80000000000000003908441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a03ea66d786a78552022-01-11 12:19:00.336root 11241100x80000000000000003908442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d91189a60c5c36552022-01-11 12:19:00.336root 11241100x80000000000000003908443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c185afe6628e9a252022-01-11 12:19:00.336root 11241100x80000000000000003908444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.821930820c39f0a02022-01-11 12:19:00.336root 11241100x80000000000000003908445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9ef91b4c068a1cf2022-01-11 12:19:00.337root 11241100x80000000000000003908446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ec2d22232c2ee862022-01-11 12:19:00.337root 11241100x80000000000000003908447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76e0db72ad36487f2022-01-11 12:19:00.337root 11241100x80000000000000003908448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d94773ab7e6ba722022-01-11 12:19:00.337root 11241100x80000000000000003908449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39bed0eeb3bf3b182022-01-11 12:19:00.337root 11241100x80000000000000003908450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2079d5be98ad9e5e2022-01-11 12:19:00.337root 11241100x80000000000000003908451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76c1ef2de123460d2022-01-11 12:19:00.337root 11241100x80000000000000003908452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3b69681d1a69f932022-01-11 12:19:00.337root 11241100x80000000000000003908453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88f5f1a53cbfc67c2022-01-11 12:19:00.337root 11241100x80000000000000003908454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b36bce379514c612022-01-11 12:19:00.338root 11241100x80000000000000003908455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.feccc173da8cd1712022-01-11 12:19:00.338root 11241100x80000000000000003908456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99f177f20bb586ae2022-01-11 12:19:00.338root 11241100x80000000000000003908457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2feaec7d3776f61e2022-01-11 12:19:00.338root 11241100x80000000000000003908458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33bd5858c408ba562022-01-11 12:19:00.338root 11241100x80000000000000003908459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51c671f17886b7962022-01-11 12:19:00.338root 11241100x80000000000000003908460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36ca74607a65f8072022-01-11 12:19:00.338root 11241100x80000000000000003908461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5eaa1c796ea7e32f2022-01-11 12:19:00.835root 11241100x80000000000000003908462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.496b0625670812912022-01-11 12:19:00.835root 11241100x80000000000000003908463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98baa0c3666e87312022-01-11 12:19:00.835root 11241100x80000000000000003908464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1666ed06dc3e79882022-01-11 12:19:00.836root 11241100x80000000000000003908465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab28e38fc1cf696e2022-01-11 12:19:00.836root 11241100x80000000000000003908466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d1367307712d92e2022-01-11 12:19:00.836root 11241100x80000000000000003908467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca3845b6c7a7a7642022-01-11 12:19:00.836root 11241100x80000000000000003908468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.630da29a2806b35e2022-01-11 12:19:00.836root 11241100x80000000000000003908469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.810b69f890ea94dd2022-01-11 12:19:00.836root 11241100x80000000000000003908470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a1e0c1c8cddc52b2022-01-11 12:19:00.836root 11241100x80000000000000003908471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d89ce9b9a791b342022-01-11 12:19:00.836root 11241100x80000000000000003908472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6aeb4772eadee3e82022-01-11 12:19:00.837root 11241100x80000000000000003908473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63c546805c6be3412022-01-11 12:19:00.837root 11241100x80000000000000003908474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.880906d29a57cdc52022-01-11 12:19:00.837root 11241100x80000000000000003908475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.757afe9847cf55942022-01-11 12:19:00.837root 11241100x80000000000000003908476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d516ab02831f9fb72022-01-11 12:19:00.837root 11241100x80000000000000003908477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d08a94d34c49d1f2022-01-11 12:19:00.837root 11241100x80000000000000003908478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88f775069a5bc3a82022-01-11 12:19:00.837root 11241100x80000000000000003908479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8e4badbdb6c766d2022-01-11 12:19:00.837root 11241100x80000000000000003908480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3521dd0ce3bbd1f02022-01-11 12:19:00.837root 11241100x80000000000000003908481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.062c7c894047bc562022-01-11 12:19:00.837root 11241100x80000000000000003908482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f7cab32b04cd4b52022-01-11 12:19:00.838root 11241100x80000000000000003908483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5587240b4c3a0b452022-01-11 12:19:00.838root 11241100x80000000000000003908484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6effe13dcbf8b0df2022-01-11 12:19:00.838root 11241100x80000000000000003908485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52ec27a945bbedff2022-01-11 12:19:00.838root 11241100x80000000000000003908486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c63b1c7b7bc649272022-01-11 12:19:00.838root 11241100x80000000000000003908487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.792162a9f994e8862022-01-11 12:19:00.838root 11241100x80000000000000003908488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63fbd754ed00984a2022-01-11 12:19:00.838root 11241100x80000000000000003908489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.feb39323a43566ab2022-01-11 12:19:00.838root 11241100x80000000000000003908490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8e15d7e479f1ad22022-01-11 12:19:00.838root 11241100x80000000000000003908491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b7105591e8bc50f2022-01-11 12:19:00.838root 11241100x80000000000000003908492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72f1f3f711fa5c562022-01-11 12:19:00.839root 11241100x80000000000000003908493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db2a454c837625932022-01-11 12:19:00.839root 11241100x80000000000000003908494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2071d4529b6859442022-01-11 12:19:00.839root 11241100x80000000000000003908495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32832564ee5e2bde2022-01-11 12:19:00.839root 11241100x80000000000000003908496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81962ebe00c59ed72022-01-11 12:19:00.839root 11241100x80000000000000003908497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4678d7dd54bef2312022-01-11 12:19:00.839root 11241100x80000000000000003908498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b26f717be1de26122022-01-11 12:19:00.839root 11241100x80000000000000003908499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14f11634eca9d0b32022-01-11 12:19:01.333root 11241100x80000000000000003908500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.328831fc9469ad672022-01-11 12:19:01.334root 11241100x80000000000000003908501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d4b85d038e91d642022-01-11 12:19:01.334root 11241100x80000000000000003908502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59c2334f96e2fb132022-01-11 12:19:01.334root 11241100x80000000000000003908503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec3293540fd5dec82022-01-11 12:19:01.334root 11241100x80000000000000003908504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d4cc2ce9f3dce442022-01-11 12:19:01.334root 11241100x80000000000000003908505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04d7a00fe3cd5f622022-01-11 12:19:01.334root 11241100x80000000000000003908506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d707bcd481ed7db62022-01-11 12:19:01.334root 11241100x80000000000000003908507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.370d59cdcddb10002022-01-11 12:19:01.334root 11241100x80000000000000003908508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e89f4187a1fa64562022-01-11 12:19:01.334root 11241100x80000000000000003908509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8edb794cf4fcce392022-01-11 12:19:01.334root 11241100x80000000000000003908510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83546a594b92f1232022-01-11 12:19:01.334root 11241100x80000000000000003908511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7345fec3241e99ac2022-01-11 12:19:01.334root 11241100x80000000000000003908512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a56210ba6022916f2022-01-11 12:19:01.335root 11241100x80000000000000003908513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e345daabc486c1b62022-01-11 12:19:01.335root 11241100x80000000000000003908514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0227f3f48561c4002022-01-11 12:19:01.335root 11241100x80000000000000003908515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa1ceb00c8c7221d2022-01-11 12:19:01.335root 11241100x80000000000000003908516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58f45e3da8ed6c8a2022-01-11 12:19:01.335root 11241100x80000000000000003908517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.802c43b1392e416c2022-01-11 12:19:01.335root 11241100x80000000000000003908518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87ff82df5e07706f2022-01-11 12:19:01.335root 11241100x80000000000000003908519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1e6a9b6d75a03132022-01-11 12:19:01.336root 11241100x80000000000000003908520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e786742abfd2bfe92022-01-11 12:19:01.336root 11241100x80000000000000003908521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d59059188859c152022-01-11 12:19:01.336root 11241100x80000000000000003908522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74166327ab43a3532022-01-11 12:19:01.336root 11241100x80000000000000003908523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97d443d069395f362022-01-11 12:19:01.336root 11241100x80000000000000003908524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.814254a3dd92eb642022-01-11 12:19:01.337root 11241100x80000000000000003908525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed82e2e90fce6a5e2022-01-11 12:19:01.337root 11241100x80000000000000003908526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3081b4761de0801c2022-01-11 12:19:01.337root 11241100x80000000000000003908527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39f17bb1d7b832742022-01-11 12:19:01.337root 11241100x80000000000000003908528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34c5b96dc9f419b32022-01-11 12:19:01.338root 11241100x80000000000000003908529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dcb6b3f0a3c62642022-01-11 12:19:01.338root 11241100x80000000000000003908530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.532f59d68ded34032022-01-11 12:19:01.338root 11241100x80000000000000003908531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3777978891e3f0212022-01-11 12:19:01.338root 11241100x80000000000000003908532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22d3290dbf04b5202022-01-11 12:19:01.338root 11241100x80000000000000003908533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.461a59ee4700f3ea2022-01-11 12:19:01.338root 11241100x80000000000000003908534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06902b6cd440d9b02022-01-11 12:19:01.339root 11241100x80000000000000003908535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.137b22ef090ce1952022-01-11 12:19:01.340root 11241100x80000000000000003908536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8142e9c43f9e5a282022-01-11 12:19:01.340root 11241100x80000000000000003908537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99eae1088b5d2e122022-01-11 12:19:01.834root 11241100x80000000000000003908538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fd5db8f531dc4e12022-01-11 12:19:01.834root 11241100x80000000000000003908539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d279bd31e2da80302022-01-11 12:19:01.834root 11241100x80000000000000003908540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f338d952fa7802cd2022-01-11 12:19:01.834root 11241100x80000000000000003908541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.753c455a72d87d6c2022-01-11 12:19:01.834root 11241100x80000000000000003908542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.761918740f6eae902022-01-11 12:19:01.834root 11241100x80000000000000003908543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f73dde481cb4e9b12022-01-11 12:19:01.834root 11241100x80000000000000003908544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68bc2831f0fe514c2022-01-11 12:19:01.835root 11241100x80000000000000003908545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6066313ade33ba52022-01-11 12:19:01.835root 11241100x80000000000000003908546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.306eacfd84e0644e2022-01-11 12:19:01.835root 11241100x80000000000000003908547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.432b3d27d20a63512022-01-11 12:19:01.835root 11241100x80000000000000003908548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa6aa5195db0edce2022-01-11 12:19:01.835root 11241100x80000000000000003908549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b7dc20761584c952022-01-11 12:19:01.835root 11241100x80000000000000003908550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b32a9c6dea7b9eb62022-01-11 12:19:01.835root 11241100x80000000000000003908551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fc27d0e5e82764e2022-01-11 12:19:01.836root 11241100x80000000000000003908552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24f13f666b415b502022-01-11 12:19:01.836root 11241100x80000000000000003908553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3e7a6f7a535188f2022-01-11 12:19:01.836root 11241100x80000000000000003908554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.185b80f44b0d17122022-01-11 12:19:01.836root 11241100x80000000000000003908555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1010afa0015e63142022-01-11 12:19:01.836root 11241100x80000000000000003908556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c95feee6233529b12022-01-11 12:19:01.836root 11241100x80000000000000003908557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19cc7b325e0cb29e2022-01-11 12:19:01.837root 11241100x80000000000000003908558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd1dc6ea8b7264832022-01-11 12:19:01.837root 11241100x80000000000000003908559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1db9db372d1319c2022-01-11 12:19:01.837root 11241100x80000000000000003908560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48b71926dc028de52022-01-11 12:19:01.837root 11241100x80000000000000003908561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8091b1a3f4b7797d2022-01-11 12:19:01.837root 11241100x80000000000000003908562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ecf9eda6d9943f62022-01-11 12:19:01.838root 11241100x80000000000000003908563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a7b96034309efa12022-01-11 12:19:01.838root 11241100x80000000000000003908564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.537b18886082fc312022-01-11 12:19:01.838root 11241100x80000000000000003908565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b45a48db6b866422022-01-11 12:19:01.839root 11241100x80000000000000003908566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.201ddc8a9af456052022-01-11 12:19:01.839root 11241100x80000000000000003908567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.837bba11b8a9c7de2022-01-11 12:19:01.839root 11241100x80000000000000003908568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfb8492bacede9a52022-01-11 12:19:01.839root 11241100x80000000000000003908569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c084e41e9ed2d022022-01-11 12:19:01.839root 11241100x80000000000000003908570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.298cf22f81fd463c2022-01-11 12:19:01.839root 11241100x80000000000000003908571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b973e38079bd928a2022-01-11 12:19:01.840root 11241100x80000000000000003908572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa7ae9794c4fafe52022-01-11 12:19:01.840root 11241100x80000000000000003908573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35519c452879f2762022-01-11 12:19:01.840root 11241100x80000000000000003908574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a2030406b7c0bff2022-01-11 12:19:01.840root 11241100x80000000000000003908575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ee558619bda0e402022-01-11 12:19:01.840root 11241100x80000000000000003908576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9961596c9c2b94f22022-01-11 12:19:01.840root 11241100x80000000000000003908577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10fd1c4b393642a52022-01-11 12:19:01.841root 11241100x80000000000000003908578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87d2c078df4961b72022-01-11 12:19:01.841root 11241100x80000000000000003908579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7da43d2e1168ba9f2022-01-11 12:19:01.841root 354300x80000000000000003908580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.208{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56260-false10.0.1.12-8000- 11241100x80000000000000003908581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.209{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edaf369b981f9b3f2022-01-11 12:19:02.209root 11241100x80000000000000003908582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.209{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c1c173577ca69892022-01-11 12:19:02.209root 11241100x80000000000000003908583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.209{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f325db769d02feb2022-01-11 12:19:02.209root 11241100x80000000000000003908584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.210{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64af100afe572adf2022-01-11 12:19:02.210root 11241100x80000000000000003908585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.210{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55fac088e6fb91d12022-01-11 12:19:02.210root 11241100x80000000000000003908586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.210{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.142e6c20797328082022-01-11 12:19:02.210root 11241100x80000000000000003908587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.210{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc4474ce83b00b6b2022-01-11 12:19:02.210root 11241100x80000000000000003908588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.210{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.487aa8221e2daf952022-01-11 12:19:02.210root 11241100x80000000000000003908589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.210{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.423c711653125f262022-01-11 12:19:02.210root 11241100x80000000000000003908590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.211{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d05b8ae8c2eb08442022-01-11 12:19:02.211root 11241100x80000000000000003908591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.211{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e3796e7f1a31e242022-01-11 12:19:02.211root 11241100x80000000000000003908592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.211{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df41af9641379c3f2022-01-11 12:19:02.211root 11241100x80000000000000003908593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.211{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f968414db3d1896a2022-01-11 12:19:02.211root 11241100x80000000000000003908594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.212{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a47ed85f5937cccd2022-01-11 12:19:02.212root 11241100x80000000000000003908595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.212{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.235dd25cea4c226f2022-01-11 12:19:02.212root 11241100x80000000000000003908596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.212{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d30f450790db0d802022-01-11 12:19:02.212root 11241100x80000000000000003908597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.213{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8c324b172d928382022-01-11 12:19:02.213root 11241100x80000000000000003908598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.213{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c1588d8cfa150372022-01-11 12:19:02.213root 11241100x80000000000000003908599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.213{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba0c503d239afdca2022-01-11 12:19:02.213root 11241100x80000000000000003908600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.213{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b16be32e746e6792022-01-11 12:19:02.213root 11241100x80000000000000003908601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.213{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a78059fd6c01c31a2022-01-11 12:19:02.213root 11241100x80000000000000003908602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.213{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9667501d52bc318c2022-01-11 12:19:02.213root 11241100x80000000000000003908603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.215{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfc22654e49f7d982022-01-11 12:19:02.215root 11241100x80000000000000003908604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.215{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f31eeee6a6aa90352022-01-11 12:19:02.215root 11241100x80000000000000003908605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.215{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84292b5cfce5186c2022-01-11 12:19:02.215root 11241100x80000000000000003908606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.215{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.158617d55a5c34272022-01-11 12:19:02.215root 11241100x80000000000000003908607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.215{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94b5881fbed8b4b32022-01-11 12:19:02.215root 11241100x80000000000000003908608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.215{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0997397592b0e7d2022-01-11 12:19:02.215root 11241100x80000000000000003908609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.215{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2b6b7a343b534622022-01-11 12:19:02.215root 11241100x80000000000000003908610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f9c83f9ea448c582022-01-11 12:19:02.216root 11241100x80000000000000003908611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae76c532b7bcbbd32022-01-11 12:19:02.216root 11241100x80000000000000003908612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.178700491bdf0ee22022-01-11 12:19:02.216root 11241100x80000000000000003908613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.551637a10c45af962022-01-11 12:19:02.216root 11241100x80000000000000003908614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf4ac118cd9a3cb32022-01-11 12:19:02.216root 11241100x80000000000000003908615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05aedcff7d0b6d722022-01-11 12:19:02.216root 11241100x80000000000000003908616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54ab4fe72b985a6a2022-01-11 12:19:02.216root 11241100x80000000000000003908617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dab52b21ad2845e22022-01-11 12:19:02.216root 11241100x80000000000000003908618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d29a880d24fb3962022-01-11 12:19:02.216root 11241100x80000000000000003908619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.714949056e5d7a132022-01-11 12:19:02.217root 11241100x80000000000000003908620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf1612280cab027c2022-01-11 12:19:02.217root 11241100x80000000000000003908621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ef9b756e3563a622022-01-11 12:19:02.217root 11241100x80000000000000003908622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d22828d71761da202022-01-11 12:19:02.217root 11241100x80000000000000003908623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cba6bd6992b9e5552022-01-11 12:19:02.217root 11241100x80000000000000003908624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e864b5409e8a22912022-01-11 12:19:02.217root 11241100x80000000000000003908625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.336479b65d6e06cf2022-01-11 12:19:02.217root 11241100x80000000000000003908626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.421ab142ce139f702022-01-11 12:19:02.217root 11241100x80000000000000003908627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.351f5d409a3fc6dd2022-01-11 12:19:02.217root 11241100x80000000000000003908628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1beacc706911c4892022-01-11 12:19:02.217root 11241100x80000000000000003908629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc74d7e3923a21272022-01-11 12:19:02.584root 11241100x80000000000000003908630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d57799206e18a0a52022-01-11 12:19:02.584root 11241100x80000000000000003908631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf466eb38956a75d2022-01-11 12:19:02.584root 11241100x80000000000000003908632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2e150469c530fef2022-01-11 12:19:02.584root 11241100x80000000000000003908633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bec1601786a54a42022-01-11 12:19:02.584root 11241100x80000000000000003908634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0c9bc551d2127822022-01-11 12:19:02.584root 11241100x80000000000000003908635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7da1f264fc0ce2f42022-01-11 12:19:02.584root 11241100x80000000000000003908636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fc99c4f8413e0d32022-01-11 12:19:02.585root 11241100x80000000000000003908637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.009088af09df383e2022-01-11 12:19:02.585root 11241100x80000000000000003908638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.516905b0819e778c2022-01-11 12:19:02.585root 11241100x80000000000000003908639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1b4ea6ff97d6f762022-01-11 12:19:02.585root 11241100x80000000000000003908640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28f93768d0a1a7272022-01-11 12:19:02.585root 11241100x80000000000000003908641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fc548c38e60df372022-01-11 12:19:02.585root 11241100x80000000000000003908642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4fff2657c54fe112022-01-11 12:19:02.585root 11241100x80000000000000003908643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dfed3a63f6a3b0c2022-01-11 12:19:02.585root 11241100x80000000000000003908644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be0bf3900fcb0fbb2022-01-11 12:19:02.585root 11241100x80000000000000003908645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.825e64692a8679572022-01-11 12:19:02.585root 11241100x80000000000000003908646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba252a2ae589b47e2022-01-11 12:19:02.585root 11241100x80000000000000003908647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d2a95f3380da5562022-01-11 12:19:02.585root 11241100x80000000000000003908648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14da563405756fc82022-01-11 12:19:02.585root 11241100x80000000000000003908649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59a5850c806a30422022-01-11 12:19:02.585root 11241100x80000000000000003908650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acea0ce7df0fb7912022-01-11 12:19:02.585root 11241100x80000000000000003908651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14393b7b5c0bda6b2022-01-11 12:19:02.585root 11241100x80000000000000003908652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed1fa56e898aa7a12022-01-11 12:19:02.586root 11241100x80000000000000003908653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfdadbd72f6902762022-01-11 12:19:02.586root 11241100x80000000000000003908654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b24efdd72095fcd62022-01-11 12:19:02.586root 11241100x80000000000000003908655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22607e9fa6d7932b2022-01-11 12:19:02.586root 11241100x80000000000000003908656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1cfa6a9aac0712d2022-01-11 12:19:02.586root 11241100x80000000000000003908657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4acd64ba32daf3f2022-01-11 12:19:02.586root 11241100x80000000000000003908658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d360c6568f935bd82022-01-11 12:19:02.586root 11241100x80000000000000003908659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4890a30655f136902022-01-11 12:19:02.586root 11241100x80000000000000003908660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aac97411441c0c22022-01-11 12:19:02.587root 11241100x80000000000000003908661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67d8b70476e3f3292022-01-11 12:19:02.587root 11241100x80000000000000003908662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3451a0f30a695a5a2022-01-11 12:19:02.587root 11241100x80000000000000003908663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bbb7e4ac091b8cd2022-01-11 12:19:02.588root 11241100x80000000000000003908664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d650db5108c67132022-01-11 12:19:02.588root 11241100x80000000000000003908665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad174e7038861ee52022-01-11 12:19:02.588root 11241100x80000000000000003908666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da5806b212fc56ea2022-01-11 12:19:02.588root 11241100x80000000000000003908667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f22f176d1c003efd2022-01-11 12:19:02.588root 11241100x80000000000000003908668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa75461e676e5ead2022-01-11 12:19:02.588root 11241100x80000000000000003908669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58bc61de29ba82502022-01-11 12:19:02.589root 11241100x80000000000000003908670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9acff12b1ff4e55e2022-01-11 12:19:02.589root 11241100x80000000000000003908671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.713f43c95d2347952022-01-11 12:19:02.589root 11241100x80000000000000003908672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.337c849dc5f463662022-01-11 12:19:02.589root 11241100x80000000000000003908673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca450f090fb0932d2022-01-11 12:19:02.589root 11241100x80000000000000003908674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b985775b3e3e50272022-01-11 12:19:02.589root 11241100x80000000000000003908675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8e52dfd8a5561052022-01-11 12:19:02.589root 11241100x80000000000000003908676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d52113f4fb49f842022-01-11 12:19:02.590root 11241100x80000000000000003908677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd58e7f522dcdebe2022-01-11 12:19:02.590root 11241100x80000000000000003908678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54d0302bb43bff092022-01-11 12:19:02.590root 11241100x80000000000000003908679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.394feda7f0c96aaf2022-01-11 12:19:02.590root 11241100x80000000000000003908680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f6c8b71fc6e38072022-01-11 12:19:02.590root 11241100x80000000000000003908681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f8bb9602994c7af2022-01-11 12:19:02.590root 11241100x80000000000000003908682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96d041cbf45ee2782022-01-11 12:19:02.591root 11241100x80000000000000003908683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91072d7b391c280a2022-01-11 12:19:02.591root 11241100x80000000000000003908684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2bce4dbc07e18ab2022-01-11 12:19:02.591root 11241100x80000000000000003908685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed936c621f7b21012022-01-11 12:19:02.591root 11241100x80000000000000003908686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf0398eb8d3f14012022-01-11 12:19:02.591root 11241100x80000000000000003908687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81b8dfbfb6c4fcee2022-01-11 12:19:02.592root 11241100x80000000000000003908688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b16895134d7b3622022-01-11 12:19:02.592root 11241100x80000000000000003908689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9ae31b9a97abc472022-01-11 12:19:02.592root 11241100x80000000000000003908690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a59ec863a09974842022-01-11 12:19:02.592root 11241100x80000000000000003908691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f55fdadc839d63cf2022-01-11 12:19:02.592root 11241100x80000000000000003908692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ccfacb5498d213d2022-01-11 12:19:02.592root 11241100x80000000000000003908693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fcc77dd39075d392022-01-11 12:19:02.593root 11241100x80000000000000003908694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89f1e5b793e54aea2022-01-11 12:19:02.593root 11241100x80000000000000003908695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02189b6f942642992022-01-11 12:19:02.593root 11241100x80000000000000003908696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24ad394a0c7b5a462022-01-11 12:19:02.593root 11241100x80000000000000003908697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.533184ba8ff536a02022-01-11 12:19:02.593root 11241100x80000000000000003908698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75981a270d24ffbf2022-01-11 12:19:02.593root 11241100x80000000000000003908699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3511d0a8fde724622022-01-11 12:19:02.593root 11241100x80000000000000003908700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9dbe5c9000f6b022022-01-11 12:19:02.593root 11241100x80000000000000003908701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a434bf1d36248b122022-01-11 12:19:02.594root 11241100x80000000000000003908702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6279d60d49966ea2022-01-11 12:19:02.594root 11241100x80000000000000003908703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0777e1163c444742022-01-11 12:19:02.594root 11241100x80000000000000003908704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb8533308f44b5082022-01-11 12:19:02.594root 11241100x80000000000000003908705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.907f5678cd4f0a902022-01-11 12:19:02.594root 11241100x80000000000000003908706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96b176fe6a8e525e2022-01-11 12:19:02.595root 11241100x80000000000000003908707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.428d3d33df2e3eb52022-01-11 12:19:02.595root 11241100x80000000000000003908708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a1dfaf3ad6b245e2022-01-11 12:19:02.595root 11241100x80000000000000003908709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb03a1fb13a6fdd42022-01-11 12:19:02.595root 11241100x80000000000000003908710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb530ee8b50927dc2022-01-11 12:19:02.595root 11241100x80000000000000003908711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7c6c40a949ee52f2022-01-11 12:19:02.596root 11241100x80000000000000003908712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3769955760c78c12022-01-11 12:19:02.596root 11241100x80000000000000003908713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c2ff2d9bfd974112022-01-11 12:19:02.596root 11241100x80000000000000003908714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.171398495ad294992022-01-11 12:19:02.596root 11241100x80000000000000003908715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88dd724d1dfb231c2022-01-11 12:19:02.596root 11241100x80000000000000003908716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf31b20193eb4bde2022-01-11 12:19:02.596root 11241100x80000000000000003908717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d03996480482cc1a2022-01-11 12:19:03.083root 11241100x80000000000000003908718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c54557494bb038c2022-01-11 12:19:03.083root 11241100x80000000000000003908719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae8c3b2e8ad22c132022-01-11 12:19:03.084root 11241100x80000000000000003908720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0ffd0c87639cd932022-01-11 12:19:03.084root 11241100x80000000000000003908721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ccf008428630f9c2022-01-11 12:19:03.084root 11241100x80000000000000003908722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da1ce1921f265cc82022-01-11 12:19:03.084root 11241100x80000000000000003908723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.334f8a650e1b811f2022-01-11 12:19:03.084root 11241100x80000000000000003908724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c08f497cfd311772022-01-11 12:19:03.084root 11241100x80000000000000003908725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13fc710fff65a48c2022-01-11 12:19:03.084root 11241100x80000000000000003908726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.302a39e6d54d9fe92022-01-11 12:19:03.085root 11241100x80000000000000003908727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.598e383821cef9fb2022-01-11 12:19:03.085root 11241100x80000000000000003908728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f1e4a80c0983b892022-01-11 12:19:03.085root 11241100x80000000000000003908729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6657605f7a9b6ff42022-01-11 12:19:03.085root 11241100x80000000000000003908730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d01520ca7e6664982022-01-11 12:19:03.085root 11241100x80000000000000003908731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76d2cecc71c39efd2022-01-11 12:19:03.085root 11241100x80000000000000003908732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1409c60cd366e3962022-01-11 12:19:03.086root 11241100x80000000000000003908733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97b08c438d8e54e12022-01-11 12:19:03.086root 11241100x80000000000000003908734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9617889a77d653f2022-01-11 12:19:03.086root 11241100x80000000000000003908735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e275716cda160d62022-01-11 12:19:03.086root 11241100x80000000000000003908736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af3ff29951e226132022-01-11 12:19:03.086root 11241100x80000000000000003908737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dacd0b83a43bb832022-01-11 12:19:03.086root 11241100x80000000000000003908738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f93562b2adf4b9f72022-01-11 12:19:03.087root 11241100x80000000000000003908739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73d85f11df2550a32022-01-11 12:19:03.087root 11241100x80000000000000003908740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e52302c840a74e852022-01-11 12:19:03.087root 11241100x80000000000000003908741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f9479b80a1d6ed82022-01-11 12:19:03.087root 11241100x80000000000000003908742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32a7bc399852298b2022-01-11 12:19:03.087root 11241100x80000000000000003908743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a28227d89960aff2022-01-11 12:19:03.088root 11241100x80000000000000003908744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6045a83cfbc064c12022-01-11 12:19:03.088root 11241100x80000000000000003908745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40b2e02f6dfa88d62022-01-11 12:19:03.088root 11241100x80000000000000003908746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb57ebf7ad6e1e622022-01-11 12:19:03.088root 11241100x80000000000000003908747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91830cd8b850aa5f2022-01-11 12:19:03.089root 11241100x80000000000000003908748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1443df174e32dd0f2022-01-11 12:19:03.089root 11241100x80000000000000003908749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a42442d73ee9a172022-01-11 12:19:03.089root 11241100x80000000000000003908750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a937a345b62143a2022-01-11 12:19:03.089root 11241100x80000000000000003908751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3a4163fb25274a42022-01-11 12:19:03.089root 11241100x80000000000000003908752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a5729469af0d7c72022-01-11 12:19:03.089root 11241100x80000000000000003908753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f6daa03a125743d2022-01-11 12:19:03.090root 11241100x80000000000000003908754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa8972f44d6403b22022-01-11 12:19:03.090root 11241100x80000000000000003908755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09a0330cdf342b7b2022-01-11 12:19:03.090root 11241100x80000000000000003908756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d88fb33852eb146f2022-01-11 12:19:03.090root 11241100x80000000000000003908757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4426b3f974df0c8d2022-01-11 12:19:03.091root 11241100x80000000000000003908758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd672cadeefe68ea2022-01-11 12:19:03.091root 11241100x80000000000000003908759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbe98009085bb9a32022-01-11 12:19:03.091root 11241100x80000000000000003908760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6334172c46a9794f2022-01-11 12:19:03.091root 11241100x80000000000000003908761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b2562c72f9c10032022-01-11 12:19:03.091root 11241100x80000000000000003908762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f98ec7194e515e322022-01-11 12:19:03.091root 11241100x80000000000000003908763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8038a24ceff51a52022-01-11 12:19:03.091root 11241100x80000000000000003908764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93a0094ee9ecc8192022-01-11 12:19:03.583root 11241100x80000000000000003908765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbbc7cd09c885ce72022-01-11 12:19:03.583root 11241100x80000000000000003908766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58930348e6fededd2022-01-11 12:19:03.584root 11241100x80000000000000003908767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d14caddcdbc4443b2022-01-11 12:19:03.584root 11241100x80000000000000003908768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2dfd47c8335c7aa2022-01-11 12:19:03.584root 11241100x80000000000000003908769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a12115f8c795e172022-01-11 12:19:03.584root 11241100x80000000000000003908770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c85e6abe85005e202022-01-11 12:19:03.585root 11241100x80000000000000003908771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c6df49eafa178a12022-01-11 12:19:03.585root 11241100x80000000000000003908772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30fd73b642ea6d4f2022-01-11 12:19:03.585root 11241100x80000000000000003908773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a540460375edf8b2022-01-11 12:19:03.585root 11241100x80000000000000003908774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e00832126db7ad872022-01-11 12:19:03.585root 11241100x80000000000000003908775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5806bda97e3224f12022-01-11 12:19:03.585root 11241100x80000000000000003908776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bfcfb4cdeb46d5a2022-01-11 12:19:03.586root 11241100x80000000000000003908777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db809149e557fa1c2022-01-11 12:19:03.586root 11241100x80000000000000003908778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a7e89f88026030e2022-01-11 12:19:03.586root 11241100x80000000000000003908779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65182d7412799c682022-01-11 12:19:03.586root 11241100x80000000000000003908780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.404d37402a2d8ca52022-01-11 12:19:03.587root 11241100x80000000000000003908781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1060ac2f1aef3a862022-01-11 12:19:03.587root 11241100x80000000000000003908782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd660ad2fea089cf2022-01-11 12:19:03.587root 11241100x80000000000000003908783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20657ac30dee81ac2022-01-11 12:19:03.587root 11241100x80000000000000003908784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db63e56e5f33a1fe2022-01-11 12:19:03.587root 11241100x80000000000000003908785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.573bfab3afc52a842022-01-11 12:19:03.587root 11241100x80000000000000003908786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d017e6bb9a18033b2022-01-11 12:19:03.587root 11241100x80000000000000003908787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22047f09e6602c042022-01-11 12:19:03.587root 11241100x80000000000000003908788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4f7625e5fec47a42022-01-11 12:19:03.588root 11241100x80000000000000003908789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc466a63044e200e2022-01-11 12:19:03.588root 11241100x80000000000000003908790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c33f00785ee99ddb2022-01-11 12:19:03.588root 11241100x80000000000000003908791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e12f07a7c24ccbd52022-01-11 12:19:03.588root 11241100x80000000000000003908792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09816c6bf8bcd2272022-01-11 12:19:03.588root 11241100x80000000000000003908793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.223a940aaad641dd2022-01-11 12:19:03.588root 11241100x80000000000000003908794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da54e2d69d7babb02022-01-11 12:19:03.588root 11241100x80000000000000003908795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a7b87ea5304731c2022-01-11 12:19:03.588root 11241100x80000000000000003908796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63d1223a8b16d8fa2022-01-11 12:19:03.588root 11241100x80000000000000003908797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd02ab0fe015b0142022-01-11 12:19:03.588root 11241100x80000000000000003908798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4efa73f3751813bd2022-01-11 12:19:03.588root 11241100x80000000000000003908799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e54e05ef082a8ed92022-01-11 12:19:03.588root 11241100x80000000000000003908800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e625fc4311218e32022-01-11 12:19:03.588root 11241100x80000000000000003908801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ea875295361aed12022-01-11 12:19:03.589root 11241100x80000000000000003908802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bef922e9281116872022-01-11 12:19:03.589root 11241100x80000000000000003908803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1b424e64448252d2022-01-11 12:19:03.589root 11241100x80000000000000003908804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9325e9c38616ae0d2022-01-11 12:19:03.589root 11241100x80000000000000003908805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0955661c88cea262022-01-11 12:19:03.589root 11241100x80000000000000003908806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83b4f4542718ea522022-01-11 12:19:03.589root 11241100x80000000000000003908807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d370333d912b4d82022-01-11 12:19:03.589root 11241100x80000000000000003908808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a35a08363dd362d82022-01-11 12:19:03.589root 11241100x80000000000000003908809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fd91d7f762d7b2b2022-01-11 12:19:03.589root 11241100x80000000000000003908810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.babbd9a814680f7c2022-01-11 12:19:03.589root 11241100x80000000000000003908811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61262384a0c04f7e2022-01-11 12:19:03.589root 11241100x80000000000000003908812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6cc692d332e42982022-01-11 12:19:03.589root 11241100x80000000000000003908813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.656c753d0aaa0df12022-01-11 12:19:04.083root 11241100x80000000000000003908814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00398bd53b2376232022-01-11 12:19:04.083root 11241100x80000000000000003908815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed9f4360784406412022-01-11 12:19:04.083root 11241100x80000000000000003908816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d0d1769557865032022-01-11 12:19:04.083root 11241100x80000000000000003908817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.466863e03a37be502022-01-11 12:19:04.083root 11241100x80000000000000003908818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e66127b504a74dad2022-01-11 12:19:04.083root 11241100x80000000000000003908819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba345fff87fb86782022-01-11 12:19:04.084root 11241100x80000000000000003908820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.494d5828c9636b2a2022-01-11 12:19:04.084root 11241100x80000000000000003908821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be563c248062f64f2022-01-11 12:19:04.084root 11241100x80000000000000003908822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e057a77af63e1272022-01-11 12:19:04.084root 11241100x80000000000000003908823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7be54ee7fb9bcb42022-01-11 12:19:04.084root 11241100x80000000000000003908824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec3ccb6ce87e5fdc2022-01-11 12:19:04.084root 11241100x80000000000000003908825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.744db8a1090921842022-01-11 12:19:04.084root 11241100x80000000000000003908826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55e3fc888a7dc13e2022-01-11 12:19:04.085root 11241100x80000000000000003908827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5420711a405980662022-01-11 12:19:04.085root 11241100x80000000000000003908828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a214abed9338a6222022-01-11 12:19:04.085root 11241100x80000000000000003908829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e24a5457f6cc0ac2022-01-11 12:19:04.085root 11241100x80000000000000003908830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.644329e4a494658b2022-01-11 12:19:04.085root 11241100x80000000000000003908831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8faf5c696bef935d2022-01-11 12:19:04.085root 11241100x80000000000000003908832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83cde525da4c91b92022-01-11 12:19:04.086root 11241100x80000000000000003908833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22469f65de72c07e2022-01-11 12:19:04.086root 11241100x80000000000000003908834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26335f31066a20bf2022-01-11 12:19:04.086root 11241100x80000000000000003908835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d41a4951a21f46f92022-01-11 12:19:04.086root 11241100x80000000000000003908836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df24fb4ba39514ce2022-01-11 12:19:04.086root 11241100x80000000000000003908837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65c070015d34e9232022-01-11 12:19:04.086root 11241100x80000000000000003908838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a457aa832efdff952022-01-11 12:19:04.087root 11241100x80000000000000003908839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b0c6c1763892bba2022-01-11 12:19:04.087root 11241100x80000000000000003908840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b191f04e13bd0a3f2022-01-11 12:19:04.087root 11241100x80000000000000003908841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.611f7311fa4977ca2022-01-11 12:19:04.087root 11241100x80000000000000003908842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0127e5563e2b669b2022-01-11 12:19:04.087root 11241100x80000000000000003908843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf28aa2137e032c32022-01-11 12:19:04.087root 11241100x80000000000000003908844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf34e8e744b385bf2022-01-11 12:19:04.087root 11241100x80000000000000003908845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e76e3b085bbaeacd2022-01-11 12:19:04.088root 11241100x80000000000000003908846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4959e23dabf96dc02022-01-11 12:19:04.088root 11241100x80000000000000003908847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b030df9c0d264732022-01-11 12:19:04.088root 11241100x80000000000000003908848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eef6c25a1ea7e7782022-01-11 12:19:04.088root 11241100x80000000000000003908849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d21833e72d856ae02022-01-11 12:19:04.088root 11241100x80000000000000003908850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.721a10046a4fd2392022-01-11 12:19:04.088root 11241100x80000000000000003908851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6deafcefaf8bfb442022-01-11 12:19:04.089root 11241100x80000000000000003908852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49fbb888fe69b3cf2022-01-11 12:19:04.089root 11241100x80000000000000003908853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fca8cc1f70dfa822022-01-11 12:19:04.089root 11241100x80000000000000003908854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12c2f1d7db258abb2022-01-11 12:19:04.089root 11241100x80000000000000003908855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cea49c97b2d0e07e2022-01-11 12:19:04.584root 11241100x80000000000000003908856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00f9a48242a23ec82022-01-11 12:19:04.584root 11241100x80000000000000003908857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ea1407a005109672022-01-11 12:19:04.584root 11241100x80000000000000003908858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26d00e5f6fdf9ba62022-01-11 12:19:04.584root 11241100x80000000000000003908859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bdde73ec4c393f22022-01-11 12:19:04.584root 11241100x80000000000000003908860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae8f53452528c8742022-01-11 12:19:04.584root 11241100x80000000000000003908861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7e702128924121f2022-01-11 12:19:04.584root 11241100x80000000000000003908862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74fd6fc6ad5365b52022-01-11 12:19:04.585root 11241100x80000000000000003908863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c19ef8ba8b388ee12022-01-11 12:19:04.585root 11241100x80000000000000003908864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34234c1cdfcb52ab2022-01-11 12:19:04.585root 11241100x80000000000000003908865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccafe30b659af6202022-01-11 12:19:04.585root 11241100x80000000000000003908866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a43625518ee991b72022-01-11 12:19:04.585root 11241100x80000000000000003908867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f5639821b125b352022-01-11 12:19:04.585root 11241100x80000000000000003908868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd3fd9541d83d37f2022-01-11 12:19:04.585root 11241100x80000000000000003908869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eee4e788cc815ed62022-01-11 12:19:04.585root 11241100x80000000000000003908870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17bd5abf9da0da222022-01-11 12:19:04.585root 11241100x80000000000000003908871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a98d717e52c7ab012022-01-11 12:19:04.585root 11241100x80000000000000003908872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d1bd56d964c329b2022-01-11 12:19:04.585root 11241100x80000000000000003908873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.665f4782e3af5f482022-01-11 12:19:04.585root 11241100x80000000000000003908874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c07c7b9e7bcdbddf2022-01-11 12:19:04.585root 11241100x80000000000000003908875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e96ebfb34913f6e42022-01-11 12:19:04.585root 11241100x80000000000000003908876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11da6a74a0ff9a552022-01-11 12:19:04.586root 11241100x80000000000000003908877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07b2fc64f891f5fb2022-01-11 12:19:04.586root 11241100x80000000000000003908878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3942b3fbd84ccbcd2022-01-11 12:19:04.586root 11241100x80000000000000003908879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40be873eef0467102022-01-11 12:19:04.586root 11241100x80000000000000003908880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fafb6ed0b76f0fec2022-01-11 12:19:04.586root 11241100x80000000000000003908881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9fc06bd0ce55f6d2022-01-11 12:19:04.586root 11241100x80000000000000003908882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.159f1d65294a7ccb2022-01-11 12:19:04.586root 11241100x80000000000000003908883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39263bf2782577032022-01-11 12:19:04.586root 11241100x80000000000000003908884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.488d64bdd8e0581b2022-01-11 12:19:04.586root 11241100x80000000000000003908885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80b1d1cbbc8c4ba12022-01-11 12:19:04.587root 11241100x80000000000000003908886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf442a5afda5b8d52022-01-11 12:19:04.587root 11241100x80000000000000003908887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15e8bb7dfe9af3472022-01-11 12:19:04.587root 11241100x80000000000000003908888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.559f89f544eb6ce52022-01-11 12:19:04.587root 11241100x80000000000000003908889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b706bb53dac8f8af2022-01-11 12:19:04.587root 11241100x80000000000000003908890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46a95dd0e8d2db612022-01-11 12:19:04.587root 11241100x80000000000000003908891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c9f17578c967ec82022-01-11 12:19:04.587root 11241100x80000000000000003908892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c46268ddaee9742022-01-11 12:19:04.587root 11241100x80000000000000003908893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a8a89b1baf457492022-01-11 12:19:04.587root 11241100x80000000000000003908894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb14ed685375f9b02022-01-11 12:19:04.587root 11241100x80000000000000003908895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48ec7ac4e0d41c7c2022-01-11 12:19:04.588root 11241100x80000000000000003908896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2e7432a54ecebc02022-01-11 12:19:04.588root 11241100x80000000000000003908897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7a86558d0497cc02022-01-11 12:19:04.588root 11241100x80000000000000003908898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec1cdb063bf806e32022-01-11 12:19:04.588root 11241100x80000000000000003908899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6a5ac81f1a71fa02022-01-11 12:19:04.588root 11241100x80000000000000003908900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eabc708c8400b1972022-01-11 12:19:04.588root 11241100x80000000000000003908901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6e891a498ee53732022-01-11 12:19:04.588root 11241100x80000000000000003908902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7908b5640bd7943d2022-01-11 12:19:04.589root 11241100x80000000000000003908903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9a6db05d34736852022-01-11 12:19:04.589root 11241100x80000000000000003908904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d47bb7e045e063df2022-01-11 12:19:04.589root 11241100x80000000000000003908905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52843cee003cebdf2022-01-11 12:19:04.589root 11241100x80000000000000003908906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8752ba17df7dc6e22022-01-11 12:19:04.589root 11241100x80000000000000003908907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a557c7b18eadc9042022-01-11 12:19:04.589root 11241100x80000000000000003908908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.280268f2d7138a2b2022-01-11 12:19:04.589root 11241100x80000000000000003908909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63f36f26671f6d7f2022-01-11 12:19:04.589root 11241100x80000000000000003908910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bda06cd371f8abed2022-01-11 12:19:04.590root 11241100x80000000000000003908911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49ee7ab345cf76652022-01-11 12:19:04.590root 11241100x80000000000000003908912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32c9c2958bcef8d22022-01-11 12:19:04.590root 11241100x80000000000000003908913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ee65d3e994720242022-01-11 12:19:04.590root 11241100x80000000000000003908914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb537da7af6241012022-01-11 12:19:04.590root 11241100x80000000000000003908915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38ab7252497d22e72022-01-11 12:19:04.590root 11241100x80000000000000003908916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7d346bd4a2b16da2022-01-11 12:19:04.590root 11241100x80000000000000003908917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69eb6084c78251832022-01-11 12:19:04.590root 11241100x80000000000000003908918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e38134d15d472492022-01-11 12:19:04.590root 11241100x80000000000000003908919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9959391b476678682022-01-11 12:19:04.590root 11241100x80000000000000003908920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc09640fa11894e12022-01-11 12:19:04.590root 11241100x80000000000000003908921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43f3ae88a00f5f692022-01-11 12:19:04.591root 11241100x80000000000000003908922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f164eb10de48f25b2022-01-11 12:19:04.591root 11241100x80000000000000003908923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c758c087975afd922022-01-11 12:19:04.591root 11241100x80000000000000003908924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba2135abef4c11752022-01-11 12:19:04.591root 11241100x80000000000000003908925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89f6cb5c18e168152022-01-11 12:19:04.591root 11241100x80000000000000003908926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bba77b70d6c11cb2022-01-11 12:19:04.591root 11241100x80000000000000003908927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.846d1e3275ac30ba2022-01-11 12:19:04.591root 11241100x80000000000000003908928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66b15a09f6385f3e2022-01-11 12:19:04.591root 11241100x80000000000000003908929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a08bae0fb7c1211c2022-01-11 12:19:04.591root 11241100x80000000000000003908930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ace7af49bfce40712022-01-11 12:19:04.591root 11241100x80000000000000003908931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2028b9ac538fa1da2022-01-11 12:19:05.083root 11241100x80000000000000003908932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10b80179e0b45a9a2022-01-11 12:19:05.083root 11241100x80000000000000003908933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9790d479d4498742022-01-11 12:19:05.083root 11241100x80000000000000003908934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cbe848828041aeb2022-01-11 12:19:05.083root 11241100x80000000000000003908935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74d5be3da0c0c9cd2022-01-11 12:19:05.084root 11241100x80000000000000003908936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff3fcfd59eb5722f2022-01-11 12:19:05.084root 11241100x80000000000000003908937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.277def9d259714382022-01-11 12:19:05.084root 11241100x80000000000000003908938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b6e534294169db92022-01-11 12:19:05.084root 11241100x80000000000000003908939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee940246af743e212022-01-11 12:19:05.084root 11241100x80000000000000003908940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00f9cf573b3e927a2022-01-11 12:19:05.084root 11241100x80000000000000003908941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf4e03a2c0c2004f2022-01-11 12:19:05.084root 11241100x80000000000000003908942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9e4c63a9bb938832022-01-11 12:19:05.084root 11241100x80000000000000003908943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1a9eaa178836ccf2022-01-11 12:19:05.084root 11241100x80000000000000003908944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a54ffb63cfec002f2022-01-11 12:19:05.084root 11241100x80000000000000003908945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.346feca434c2c6822022-01-11 12:19:05.084root 11241100x80000000000000003908946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e696ea4a814898a2022-01-11 12:19:05.084root 11241100x80000000000000003908947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edafff54cd94c3892022-01-11 12:19:05.084root 11241100x80000000000000003908948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68b6d73b4c7a92d82022-01-11 12:19:05.084root 11241100x80000000000000003908949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfcaa9aacd8493772022-01-11 12:19:05.084root 11241100x80000000000000003908950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.001d83c36df133322022-01-11 12:19:05.085root 11241100x80000000000000003908951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.369f86f0daf29a9e2022-01-11 12:19:05.085root 11241100x80000000000000003908952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f286b735a0bbc5e2022-01-11 12:19:05.085root 11241100x80000000000000003908953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45bc0bd1292c9dd72022-01-11 12:19:05.085root 11241100x80000000000000003908954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f629d518bc1f51202022-01-11 12:19:05.085root 11241100x80000000000000003908955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d57792cded68adb62022-01-11 12:19:05.085root 11241100x80000000000000003908956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1757e91a69bb9f6b2022-01-11 12:19:05.085root 11241100x80000000000000003908957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c59b14945fcf2c5e2022-01-11 12:19:05.085root 11241100x80000000000000003908958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9c4178d222d2d892022-01-11 12:19:05.085root 11241100x80000000000000003908959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ed2c136386a16052022-01-11 12:19:05.085root 11241100x80000000000000003908960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73da04ced486cf502022-01-11 12:19:05.085root 11241100x80000000000000003908961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ef9046d147207b82022-01-11 12:19:05.086root 11241100x80000000000000003908962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f1156f9fe2be2352022-01-11 12:19:05.086root 11241100x80000000000000003908963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53016c829ced69bd2022-01-11 12:19:05.086root 11241100x80000000000000003908964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ed51c9a8a609e4a2022-01-11 12:19:05.086root 11241100x80000000000000003908965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56a780e313e5807f2022-01-11 12:19:05.086root 11241100x80000000000000003908966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2d118955ed795992022-01-11 12:19:05.086root 11241100x80000000000000003908967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36f190640ecefec32022-01-11 12:19:05.086root 11241100x80000000000000003908968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9627bc6ca3dcfb2f2022-01-11 12:19:05.086root 354300x80000000000000003909009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:13.043{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56264-false10.0.1.12-8000- 11241100x80000000000000003909010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:13.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc6c993bf79fccef2022-01-11 12:19:13.333root 11241100x80000000000000003909011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:13.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb5e66d1d4cff35c2022-01-11 12:19:13.833root 11241100x80000000000000003909012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:14.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a38c9b79485d6dd2022-01-11 12:19:14.333root 11241100x80000000000000003909013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:14.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b33e717fa116c4332022-01-11 12:19:14.833root 11241100x80000000000000003909014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:15.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a7108328d6015262022-01-11 12:19:15.333root 11241100x80000000000000003909015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:15.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72b23537db8d89432022-01-11 12:19:15.833root 11241100x80000000000000003909016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:16.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36fc2cf7ff6be8142022-01-11 12:19:16.333root 11241100x80000000000000003909017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:16.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.555a7e38a17cb2dc2022-01-11 12:19:16.833root 11241100x80000000000000003909018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:17.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69baa647a3b4ba342022-01-11 12:19:17.333root 11241100x80000000000000003909019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:17.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae1c43d3be28bb592022-01-11 12:19:17.833root 11241100x80000000000000003909020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:18.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05f39d55c8bba6922022-01-11 12:19:18.333root 11241100x80000000000000003909021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:18.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3931f332d2f70e02022-01-11 12:19:18.833root 354300x80000000000000003909022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:19.010{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56266-false10.0.1.12-8000- 11241100x80000000000000003909023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:19.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f03c1a76d2869b612022-01-11 12:19:19.333root 11241100x80000000000000003909024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:19.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cb07c061a737c0f2022-01-11 12:19:19.333root 11241100x80000000000000003909025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:19.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57daefe9ae1e35fe2022-01-11 12:19:19.833root 11241100x80000000000000003909026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:19.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3e915aa1e6b1f282022-01-11 12:19:19.833root 11241100x80000000000000003909027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:20.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d6eb71f2abbe0192022-01-11 12:19:20.333root 11241100x80000000000000003909028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:20.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d2ebed2686763bf2022-01-11 12:19:20.333root 11241100x80000000000000003909029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:20.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b9caf58015308262022-01-11 12:19:20.833root 11241100x80000000000000003909030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:20.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.707cbff7ec6e15082022-01-11 12:19:20.833root 11241100x80000000000000003909031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:21.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73e0fd3944a206e32022-01-11 12:19:21.333root 11241100x80000000000000003909032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:21.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d45dc9211ba9cfa12022-01-11 12:19:21.333root 11241100x80000000000000003909033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:21.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0999f19e33ba8d42022-01-11 12:19:21.833root 11241100x80000000000000003909034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:21.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e52fd8f0f4c64672022-01-11 12:19:21.833root 11241100x80000000000000003909035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:22.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a775003ed93a17a2022-01-11 12:19:22.333root 11241100x80000000000000003909036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:22.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a1c80f155f65c032022-01-11 12:19:22.333root 11241100x80000000000000003909037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:22.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3ad2da5a6da3a6a2022-01-11 12:19:22.833root 11241100x80000000000000003909038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:22.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dfd2d79a5e2d6842022-01-11 12:19:22.833root 11241100x80000000000000003909039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:23.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c8c50d7a55787cf2022-01-11 12:19:23.333root 11241100x80000000000000003909040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:23.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5566c6b2b5a95862022-01-11 12:19:23.333root 11241100x80000000000000003909041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:23.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b344d0457d5a5e7a2022-01-11 12:19:23.833root 11241100x80000000000000003909042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:23.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0060f482e97588be2022-01-11 12:19:23.833root 354300x80000000000000003909043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.074{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56268-false10.0.1.12-8000- 11241100x80000000000000003909044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15803e150410eb442022-01-11 12:19:24.333root 11241100x80000000000000003909045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.620087d8094bb0ea2022-01-11 12:19:24.333root 11241100x80000000000000003909046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21b56917c6908aa72022-01-11 12:19:24.333root 11241100x80000000000000003909047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70adf30b83eb1c722022-01-11 12:19:24.833root 11241100x80000000000000003909048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5158e056d68e886e2022-01-11 12:19:24.833root 11241100x80000000000000003909049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efcf28c709139e7a2022-01-11 12:19:24.833root 11241100x80000000000000003909050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.894{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:19:24.894root 354300x80000000000000003909051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.947{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.25-34202-false10.0.1.12-8089- 11241100x80000000000000003909052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.729c4ad3e6fdec182022-01-11 12:19:25.333root 11241100x80000000000000003909053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f512a34eaaada952022-01-11 12:19:25.333root 11241100x80000000000000003909054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4600531885ce790a2022-01-11 12:19:25.333root 11241100x80000000000000003909055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2e8ecbe62bb60982022-01-11 12:19:25.333root 11241100x80000000000000003909056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d006c6f3a392bda92022-01-11 12:19:25.333root 11241100x80000000000000003909057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.988af54e2294843e2022-01-11 12:19:25.833root 11241100x80000000000000003909058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1bd1c4a7e7947202022-01-11 12:19:25.833root 11241100x80000000000000003909059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c99c42f852662b52022-01-11 12:19:25.833root 11241100x80000000000000003909060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b84aefd118de5bf12022-01-11 12:19:25.833root 11241100x80000000000000003909061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91e96b11f2efc3812022-01-11 12:19:25.833root 11241100x80000000000000003909062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7f4929a7441b3892022-01-11 12:19:26.333root 11241100x80000000000000003909063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c7c411ca683cb552022-01-11 12:19:26.333root 11241100x80000000000000003909064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4e49837e86288552022-01-11 12:19:26.333root 11241100x80000000000000003909065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2b7f9e856bcd7a32022-01-11 12:19:26.333root 11241100x80000000000000003909066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45ef369de3b9c0992022-01-11 12:19:26.334root 11241100x80000000000000003909067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75221326a9e6d3f12022-01-11 12:19:26.833root 11241100x80000000000000003909068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f72ad55a9d955d52022-01-11 12:19:26.833root 11241100x80000000000000003909069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f26e943754228d152022-01-11 12:19:26.833root 11241100x80000000000000003909070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6d43e303acf95d02022-01-11 12:19:26.834root 11241100x80000000000000003909071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.857f0890373d49292022-01-11 12:19:26.834root 11241100x80000000000000003909072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79e1f4646fd6543b2022-01-11 12:19:27.333root 11241100x80000000000000003909073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed5a1ada1278544b2022-01-11 12:19:27.333root 11241100x80000000000000003909074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5658763518977bda2022-01-11 12:19:27.333root 11241100x80000000000000003909075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19f0814fd0cb591c2022-01-11 12:19:27.333root 11241100x80000000000000003909076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eae720269b0719f2022-01-11 12:19:27.333root 11241100x80000000000000003909077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.314ad5b6df7310a62022-01-11 12:19:27.833root 11241100x80000000000000003909078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3409bfac71135b042022-01-11 12:19:27.833root 11241100x80000000000000003909079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5da4ef7871a465772022-01-11 12:19:27.833root 11241100x80000000000000003909080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77ac8d2cea3b9c722022-01-11 12:19:27.833root 11241100x80000000000000003909081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69273e5a5c374feb2022-01-11 12:19:27.834root 23542300x80000000000000003909082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.895{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003909083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab41e0984c3731e72022-01-11 12:19:28.333root 11241100x80000000000000003909084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6a6e5125a028c162022-01-11 12:19:28.333root 11241100x80000000000000003909085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f590e57e3d3a739f2022-01-11 12:19:28.334root 11241100x80000000000000003909086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03f943672cc5e4462022-01-11 12:19:28.334root 11241100x80000000000000003909087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b303276bf7fab172022-01-11 12:19:28.334root 11241100x80000000000000003909088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cdea71a072c94b72022-01-11 12:19:28.334root 11241100x80000000000000003909089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f745545bfb2304a92022-01-11 12:19:28.833root 11241100x80000000000000003909090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.181b7a28acdcc3432022-01-11 12:19:28.833root 11241100x80000000000000003909091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27aed3671d04cf042022-01-11 12:19:28.834root 11241100x80000000000000003909092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.264a6b731bb81ed12022-01-11 12:19:28.834root 11241100x80000000000000003909093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f7e1d1ac3d64bda2022-01-11 12:19:28.834root 11241100x80000000000000003909094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d191281fefb9d03c2022-01-11 12:19:28.834root 354300x80000000000000003909095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.144{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56272-false10.0.1.12-8000- 11241100x80000000000000003909096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.145{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26b87069b23d95c42022-01-11 12:19:29.145root 11241100x80000000000000003909097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.145{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eefde88ea745c86a2022-01-11 12:19:29.145root 11241100x80000000000000003909098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.145{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92daa595430431a72022-01-11 12:19:29.145root 11241100x80000000000000003909099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.145{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29f85731cc1892532022-01-11 12:19:29.145root 11241100x80000000000000003909100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.145{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ed0e834c58248f72022-01-11 12:19:29.145root 11241100x80000000000000003909101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.146{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84a1fe5439f921862022-01-11 12:19:29.146root 11241100x80000000000000003909102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.146{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d32fb9a1c10b26452022-01-11 12:19:29.146root 11241100x80000000000000003909103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec8c1b3ad02bef422022-01-11 12:19:29.583root 11241100x80000000000000003909104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06ff0f50290704a52022-01-11 12:19:29.583root 11241100x80000000000000003909105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ddddaaa5e8a9c3d2022-01-11 12:19:29.583root 11241100x80000000000000003909106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f4f90827cdfa22a2022-01-11 12:19:29.583root 11241100x80000000000000003909107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4fa9327433fe0882022-01-11 12:19:29.584root 11241100x80000000000000003909108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.557a1d08f5ed19892022-01-11 12:19:29.584root 11241100x80000000000000003909109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dcef1f9b729c7982022-01-11 12:19:29.584root 11241100x80000000000000003909110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.068ae4054c1807c42022-01-11 12:19:30.083root 11241100x80000000000000003909111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa780d84c185b9b52022-01-11 12:19:30.083root 11241100x80000000000000003909112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5db8f5dac47734f12022-01-11 12:19:30.084root 11241100x80000000000000003909113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a10fe4bb8e6f81d2022-01-11 12:19:30.084root 11241100x80000000000000003909114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a94078ed8507f802022-01-11 12:19:30.084root 11241100x80000000000000003909115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.905ecb6666b4dc652022-01-11 12:19:30.084root 11241100x80000000000000003909116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb5eaf0377e88c362022-01-11 12:19:30.084root 11241100x80000000000000003909117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48b14e280f45249b2022-01-11 12:19:30.583root 11241100x80000000000000003909118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0b4268d618889182022-01-11 12:19:30.583root 11241100x80000000000000003909119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51ee857b2dcbca202022-01-11 12:19:30.584root 11241100x80000000000000003909120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2494dcf9dc1b6b92022-01-11 12:19:30.584root 11241100x80000000000000003909121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7e2c40d094a187f2022-01-11 12:19:30.584root 11241100x80000000000000003909122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de832c18c187a8082022-01-11 12:19:30.584root 11241100x80000000000000003909123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e33ef7d7246bff92022-01-11 12:19:30.584root 11241100x80000000000000003909124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fc56223b366c9662022-01-11 12:19:31.083root 11241100x80000000000000003909125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1ca81892be8904a2022-01-11 12:19:31.083root 11241100x80000000000000003909126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.809f2e7ecf1a8c4c2022-01-11 12:19:31.083root 11241100x80000000000000003909127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9fb86063a730a5d2022-01-11 12:19:31.083root 11241100x80000000000000003909128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d3bb906b47ba8282022-01-11 12:19:31.084root 11241100x80000000000000003909129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86ad97c942a5efa12022-01-11 12:19:31.084root 11241100x80000000000000003909130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5b1edc6e774f5192022-01-11 12:19:31.084root 11241100x80000000000000003909131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afe5f6026585441d2022-01-11 12:19:31.583root 11241100x80000000000000003909132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36c53ddfd3cc3aed2022-01-11 12:19:31.583root 11241100x80000000000000003909133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2531a1a90368492c2022-01-11 12:19:31.583root 11241100x80000000000000003909134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef0511ea2be6d3ba2022-01-11 12:19:31.584root 11241100x80000000000000003909135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09fe87d8c1b5e1522022-01-11 12:19:31.584root 11241100x80000000000000003909136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47288d00224991e32022-01-11 12:19:31.584root 11241100x80000000000000003909137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5a7feb02c7a85872022-01-11 12:19:31.584root 11241100x80000000000000003909138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab607c43b5b98c152022-01-11 12:19:32.083root 11241100x80000000000000003909139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.080395f64fb352f52022-01-11 12:19:32.083root 11241100x80000000000000003909140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ce9f0db6c4049712022-01-11 12:19:32.083root 11241100x80000000000000003909141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf8119617580795b2022-01-11 12:19:32.083root 11241100x80000000000000003909142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5632d374ba1feb552022-01-11 12:19:32.084root 11241100x80000000000000003909143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.744f0ed559d406dc2022-01-11 12:19:32.084root 11241100x80000000000000003909144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c734ba5d98d218702022-01-11 12:19:32.084root 11241100x80000000000000003909145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93327bad27f672752022-01-11 12:19:32.583root 11241100x80000000000000003909146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0f452d164485eda2022-01-11 12:19:32.583root 11241100x80000000000000003909147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f06e0b4209b91d962022-01-11 12:19:32.583root 11241100x80000000000000003909148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41b01d9136e687a52022-01-11 12:19:32.583root 11241100x80000000000000003909149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f5e816f2011603e2022-01-11 12:19:32.584root 11241100x80000000000000003909150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4b58d97592f9f0f2022-01-11 12:19:32.584root 11241100x80000000000000003909151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8a80405c6be30c22022-01-11 12:19:32.584root 11241100x80000000000000003909152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18fcb54207dc42202022-01-11 12:19:33.083root 11241100x80000000000000003909153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9801fe7a754b8dc2022-01-11 12:19:33.083root 11241100x80000000000000003909154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a946b771691cc202022-01-11 12:19:33.083root 11241100x80000000000000003909155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.586fc44d7c936c4c2022-01-11 12:19:33.083root 11241100x80000000000000003909156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed5a7fb462a6e13e2022-01-11 12:19:33.083root 11241100x80000000000000003909157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed6acdcd1053e1662022-01-11 12:19:33.083root 11241100x80000000000000003909158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.128d1b8519677e752022-01-11 12:19:33.084root 11241100x80000000000000003909159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d713b0c5adc076972022-01-11 12:19:33.583root 11241100x80000000000000003909160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0547853ccb8f67f2022-01-11 12:19:33.583root 11241100x80000000000000003909161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.267a8fe369e2251d2022-01-11 12:19:33.583root 11241100x80000000000000003909162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45f724e5b6756cf22022-01-11 12:19:33.583root 11241100x80000000000000003909163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e6d5625692f52be2022-01-11 12:19:33.583root 11241100x80000000000000003909164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ba0e4a04ab717d92022-01-11 12:19:33.583root 11241100x80000000000000003909165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57d813b787194cca2022-01-11 12:19:33.584root 11241100x80000000000000003909166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4384711e9f6304e22022-01-11 12:19:34.083root 11241100x80000000000000003909167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.955fbc2c75fcfed52022-01-11 12:19:34.084root 11241100x80000000000000003909168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28c393f1723711732022-01-11 12:19:34.084root 11241100x80000000000000003909169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91497c4c457274142022-01-11 12:19:34.084root 11241100x80000000000000003909170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c24c46e1a5ccd102022-01-11 12:19:34.084root 11241100x80000000000000003909171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6944b633782271052022-01-11 12:19:34.085root 11241100x80000000000000003909172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aaf71b7735b41ab2022-01-11 12:19:34.085root 11241100x80000000000000003909173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6be76f82a8460a6a2022-01-11 12:19:34.583root 11241100x80000000000000003909174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6aa5d743c44c5ee2022-01-11 12:19:34.584root 11241100x80000000000000003909175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edc3828a2c5230892022-01-11 12:19:34.584root 11241100x80000000000000003909176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c22b918bb4df278d2022-01-11 12:19:34.584root 11241100x80000000000000003909177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e3f3ca6836a207a2022-01-11 12:19:34.584root 11241100x80000000000000003909178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8afa3130309b85472022-01-11 12:19:34.585root 11241100x80000000000000003909179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab65af691ff580d02022-01-11 12:19:34.585root 354300x80000000000000003909180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.024{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56274-false10.0.1.12-8000- 11241100x80000000000000003909181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.024{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e31b810873256ac22022-01-11 12:19:35.024root 11241100x80000000000000003909182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.024{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfb1ba1008b0e3a42022-01-11 12:19:35.024root 11241100x80000000000000003909183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.080d39f70d0763e32022-01-11 12:19:35.025root 11241100x80000000000000003909184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.931d6b7efafb57c62022-01-11 12:19:35.025root 11241100x80000000000000003909185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f10dbff044678c912022-01-11 12:19:35.025root 11241100x80000000000000003909186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3142ca499bded2352022-01-11 12:19:35.025root 11241100x80000000000000003909187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5ffe2872edc3c2a2022-01-11 12:19:35.025root 11241100x80000000000000003909188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35eb7759edd304d02022-01-11 12:19:35.025root 11241100x80000000000000003909189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca26a2472948b1b22022-01-11 12:19:35.333root 11241100x80000000000000003909190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbce40fb4439426d2022-01-11 12:19:35.333root 11241100x80000000000000003909191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03a07ba6188aa5ab2022-01-11 12:19:35.333root 11241100x80000000000000003909192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.374401e47c373a6c2022-01-11 12:19:35.334root 11241100x80000000000000003909193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2af29c210e59f7762022-01-11 12:19:35.334root 11241100x80000000000000003909194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b159bcbe2e4c4c1e2022-01-11 12:19:35.334root 11241100x80000000000000003909195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.136fad566ddb5aa82022-01-11 12:19:35.334root 11241100x80000000000000003909196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.625f1fbb78d5e8852022-01-11 12:19:35.334root 11241100x80000000000000003909197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd893070c671077b2022-01-11 12:19:35.833root 11241100x80000000000000003909198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a568af5c77afd472022-01-11 12:19:35.834root 11241100x80000000000000003909199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15d15a8a704e38762022-01-11 12:19:35.834root 11241100x80000000000000003909200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21ea5880f85ad8b92022-01-11 12:19:35.834root 11241100x80000000000000003909201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88bf3a713383a3e52022-01-11 12:19:35.834root 11241100x80000000000000003909202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc33b9abf0f6e34f2022-01-11 12:19:35.834root 11241100x80000000000000003909203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f5d886aabc6e1e02022-01-11 12:19:35.834root 11241100x80000000000000003909204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b957593811e700542022-01-11 12:19:35.834root 11241100x80000000000000003909205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442a0a59d24f4aba2022-01-11 12:19:36.333root 11241100x80000000000000003909206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da9757320713dc662022-01-11 12:19:36.333root 11241100x80000000000000003909207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c809a55c1a811a862022-01-11 12:19:36.334root 11241100x80000000000000003909208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.716f335d7816b4e52022-01-11 12:19:36.334root 11241100x80000000000000003909209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80d1aba4a88a8b862022-01-11 12:19:36.334root 11241100x80000000000000003909210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec238a762551f18e2022-01-11 12:19:36.334root 11241100x80000000000000003909211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41ab6ea67bf3db502022-01-11 12:19:36.334root 11241100x80000000000000003909212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a945a592d44fc0c2022-01-11 12:19:36.334root 11241100x80000000000000003909213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb4732a59fe85a772022-01-11 12:19:36.833root 11241100x80000000000000003909214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f65e4399176ab7862022-01-11 12:19:36.833root 11241100x80000000000000003909215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aad4fd9edf3c36c72022-01-11 12:19:36.833root 11241100x80000000000000003909216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53c2f8732ba1cb612022-01-11 12:19:36.834root 11241100x80000000000000003909217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e411459b97ef95cc2022-01-11 12:19:36.834root 11241100x80000000000000003909218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5e58a46e1c867282022-01-11 12:19:36.834root 11241100x80000000000000003909219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fe3ac6156b33a592022-01-11 12:19:36.834root 11241100x80000000000000003909220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5e0ca56b2a1eb882022-01-11 12:19:36.834root 11241100x80000000000000003909221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4657fb4a6a7f92a2022-01-11 12:19:37.333root 11241100x80000000000000003909222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30b9bcefbfef0e4f2022-01-11 12:19:37.333root 11241100x80000000000000003909223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.405e66f3af51b38e2022-01-11 12:19:37.333root 11241100x80000000000000003909224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.baf4ce3dacf803982022-01-11 12:19:37.334root 11241100x80000000000000003909225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.477c4994e05e64fa2022-01-11 12:19:37.334root 11241100x80000000000000003909226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e95f9f45171f85a2022-01-11 12:19:37.334root 11241100x80000000000000003909227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63f548532b866e5b2022-01-11 12:19:37.334root 11241100x80000000000000003909228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c590d11872474482022-01-11 12:19:37.334root 11241100x80000000000000003909229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29415d03a74aa89f2022-01-11 12:19:37.833root 11241100x80000000000000003909230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c37b0ca685ddb3ed2022-01-11 12:19:37.833root 11241100x80000000000000003909231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2a32aa307e04b232022-01-11 12:19:37.834root 11241100x80000000000000003909232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b04a5cb71ea30f42022-01-11 12:19:37.834root 11241100x80000000000000003909233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d798f3d6fd24e092022-01-11 12:19:37.834root 11241100x80000000000000003909234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e7c2a7c3d27c6e92022-01-11 12:19:37.834root 11241100x80000000000000003909235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f880008bd46a59c2022-01-11 12:19:37.834root 11241100x80000000000000003909236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfcdb6f965106f822022-01-11 12:19:37.834root 11241100x80000000000000003909237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcaa29defcbc733f2022-01-11 12:19:38.334root 11241100x80000000000000003909238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e68d7fa2e64b86c2022-01-11 12:19:38.334root 11241100x80000000000000003909239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05c213bcea46714d2022-01-11 12:19:38.334root 11241100x80000000000000003909240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83fb0dc012a729032022-01-11 12:19:38.334root 11241100x80000000000000003909241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74aa39cedc3434e22022-01-11 12:19:38.335root 11241100x80000000000000003909242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50ac4099e82022212022-01-11 12:19:38.335root 11241100x80000000000000003909243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fa20d5ee3050c3f2022-01-11 12:19:38.335root 11241100x80000000000000003909244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a84d7c8834bd40332022-01-11 12:19:38.335root 11241100x80000000000000003909245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8e980e78bc968362022-01-11 12:19:38.833root 11241100x80000000000000003909246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f77f9edd24f473c62022-01-11 12:19:38.833root 11241100x80000000000000003909247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95a10d92d58c77962022-01-11 12:19:38.833root 11241100x80000000000000003909248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a7774e47cb5ce992022-01-11 12:19:38.834root 11241100x80000000000000003909249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90670ed7e9d4383b2022-01-11 12:19:38.834root 11241100x80000000000000003909250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0858f034aa018f22022-01-11 12:19:38.834root 11241100x80000000000000003909251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e479ddccfd1db532022-01-11 12:19:38.834root 11241100x80000000000000003909252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bee19ff0d2a560b2022-01-11 12:19:38.834root 11241100x80000000000000003909253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92d24659dbee3c7e2022-01-11 12:19:39.334root 11241100x80000000000000003909254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddad64fcc301a2b72022-01-11 12:19:39.334root 11241100x80000000000000003909255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17396b5570002da62022-01-11 12:19:39.334root 11241100x80000000000000003909256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da873d61dae13d452022-01-11 12:19:39.334root 11241100x80000000000000003909257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5eb091e61a7ce0212022-01-11 12:19:39.335root 11241100x80000000000000003909258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a30da88d3e283752022-01-11 12:19:39.335root 11241100x80000000000000003909259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e11155f4c7bd13252022-01-11 12:19:39.335root 11241100x80000000000000003909260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.358eaa262ea988482022-01-11 12:19:39.335root 11241100x80000000000000003909261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c782d5fbe65a95ac2022-01-11 12:19:39.833root 11241100x80000000000000003909262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65306dbb07ec79002022-01-11 12:19:39.833root 11241100x80000000000000003909263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c39ce08ed65bc4a62022-01-11 12:19:39.833root 11241100x80000000000000003909264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcd61cec251e463e2022-01-11 12:19:39.834root 11241100x80000000000000003909265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f91f2b5ed74090752022-01-11 12:19:39.834root 11241100x80000000000000003909266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d15e9ed488d28a02022-01-11 12:19:39.834root 11241100x80000000000000003909267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a92a7369cc073d702022-01-11 12:19:39.834root 11241100x80000000000000003909268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4676858c19fd9f32022-01-11 12:19:39.834root 11241100x80000000000000003909269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcf7756e82f0eb912022-01-11 12:19:40.333root 11241100x80000000000000003909270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faa67a153e32082a2022-01-11 12:19:40.333root 11241100x80000000000000003909271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.022c32bda3278c032022-01-11 12:19:40.334root 11241100x80000000000000003909272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccc2b4008b7b80ab2022-01-11 12:19:40.334root 11241100x80000000000000003909273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70af99a4101e9c5c2022-01-11 12:19:40.334root 11241100x80000000000000003909274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfb9d35d7b7b96732022-01-11 12:19:40.334root 11241100x80000000000000003909275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a70c67d9014646062022-01-11 12:19:40.334root 11241100x80000000000000003909276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af0cc72ce391c8d42022-01-11 12:19:40.334root 11241100x80000000000000003909277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f04f8602bb58d3262022-01-11 12:19:40.833root 11241100x80000000000000003909278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8db0c10fd3eaa1fc2022-01-11 12:19:40.833root 11241100x80000000000000003909279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7c187c44e073abc2022-01-11 12:19:40.833root 11241100x80000000000000003909280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cfa63a3ccb4e9162022-01-11 12:19:40.834root 11241100x80000000000000003909281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.910b841c1d12bdfa2022-01-11 12:19:40.834root 11241100x80000000000000003909282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d36daa475877cbe2022-01-11 12:19:40.834root 11241100x80000000000000003909283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07a3708a02c0cb4a2022-01-11 12:19:40.834root 11241100x80000000000000003909284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68a091bd874e41912022-01-11 12:19:40.834root 354300x80000000000000003909285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.014{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56276-false10.0.1.12-8000- 11241100x80000000000000003909286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3cd545d743e84932022-01-11 12:19:41.333root 11241100x80000000000000003909287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b14f2cedd9280b932022-01-11 12:19:41.333root 11241100x80000000000000003909288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.319c27cf84f7ade02022-01-11 12:19:41.334root 11241100x80000000000000003909289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b89d2ea052834f5f2022-01-11 12:19:41.334root 11241100x80000000000000003909290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9eddec6596a5a7702022-01-11 12:19:41.334root 11241100x80000000000000003909291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f097ff6f948f76ed2022-01-11 12:19:41.334root 11241100x80000000000000003909292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdda56c8ed2995052022-01-11 12:19:41.334root 11241100x80000000000000003909293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e798c57bd72255b62022-01-11 12:19:41.334root 11241100x80000000000000003909294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.458e44645253b76f2022-01-11 12:19:41.334root 154100x80000000000000003909295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.461{ec2d504d-75dd-61dd-68c4-8ef739560000}9856/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/4046root{ec2d504d-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}2402--- 534500x80000000000000003909296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.476{ec2d504d-75dd-61dd-68c4-8ef739560000}9856/bin/psroot 11241100x80000000000000003909297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1a63692a2e656872022-01-11 12:19:41.833root 11241100x80000000000000003909298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a21179f2eef4c0552022-01-11 12:19:41.834root 11241100x80000000000000003909299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54f0b9135c949a182022-01-11 12:19:41.834root 11241100x80000000000000003909300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.373ce237906523812022-01-11 12:19:41.834root 11241100x80000000000000003909301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b792dc6b98c72ac2022-01-11 12:19:41.834root 11241100x80000000000000003909302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4504569665277d372022-01-11 12:19:41.834root 11241100x80000000000000003909303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44e603571a1c29b22022-01-11 12:19:41.834root 11241100x80000000000000003909304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4a3af897ff325d92022-01-11 12:19:41.834root 11241100x80000000000000003909305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e030926ec43690152022-01-11 12:19:41.834root 11241100x80000000000000003909306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.900eca9d86ed83ec2022-01-11 12:19:41.834root 11241100x80000000000000003909307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19c692842d8ad2522022-01-11 12:19:41.834root 11241100x80000000000000003909308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11bd24b6edf3b0352022-01-11 12:19:42.333root 11241100x80000000000000003909309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd5e8e7c2f8a5eb12022-01-11 12:19:42.334root 11241100x80000000000000003909310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb94918d3fde2bc42022-01-11 12:19:42.334root 11241100x80000000000000003909311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8812e835c4a3efcc2022-01-11 12:19:42.334root 11241100x80000000000000003909312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcf88e62a243aa2a2022-01-11 12:19:42.334root 11241100x80000000000000003909313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f481c42c80fb8dc72022-01-11 12:19:42.334root 11241100x80000000000000003909314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fef864e96ac6f90d2022-01-11 12:19:42.334root 11241100x80000000000000003909315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12cd772ff5a60c6a2022-01-11 12:19:42.334root 11241100x80000000000000003909316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61e2ce7f7f5ebe7a2022-01-11 12:19:42.334root 11241100x80000000000000003909317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05cae15b33b7f7f22022-01-11 12:19:42.335root 11241100x80000000000000003909318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddabd59eb80e67662022-01-11 12:19:42.335root 11241100x80000000000000003909319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d782f7a349b18982022-01-11 12:19:42.833root 11241100x80000000000000003909320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.988b649161194f632022-01-11 12:19:42.833root 11241100x80000000000000003909321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9df60e6221b5d4872022-01-11 12:19:42.834root 11241100x80000000000000003909322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b5bc8e4d85dece82022-01-11 12:19:42.834root 11241100x80000000000000003909323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c220612ab7ca2b72022-01-11 12:19:42.834root 11241100x80000000000000003909324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfd9553416408ff32022-01-11 12:19:42.834root 11241100x80000000000000003909325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e02dd6665bb14d992022-01-11 12:19:42.834root 11241100x80000000000000003909326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7c0ad59c934d3db2022-01-11 12:19:42.834root 11241100x80000000000000003909327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6376633e74392cb22022-01-11 12:19:42.834root 11241100x80000000000000003909328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.516ac6b6ca421b482022-01-11 12:19:42.834root 11241100x80000000000000003909329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1510b36ef009a3c32022-01-11 12:19:42.835root 11241100x80000000000000003909330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e94ef794788571ed2022-01-11 12:19:43.333root 11241100x80000000000000003909331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4b88becb40588c62022-01-11 12:19:43.333root 11241100x80000000000000003909332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e2243226575dbd92022-01-11 12:19:43.333root 11241100x80000000000000003909333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db8d75fd9e39e48d2022-01-11 12:19:43.334root 11241100x80000000000000003909334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5803811ef99983292022-01-11 12:19:43.334root 11241100x80000000000000003909335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1650667cf63f40332022-01-11 12:19:43.334root 11241100x80000000000000003909336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.854352a47dff1b542022-01-11 12:19:43.334root 11241100x80000000000000003909337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2976a8c6379e6162022-01-11 12:19:43.334root 11241100x80000000000000003909338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35744b16da0c0f852022-01-11 12:19:43.334root 11241100x80000000000000003909339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23915c4532949dff2022-01-11 12:19:43.335root 11241100x80000000000000003909340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f40c848101e40cde2022-01-11 12:19:43.335root 11241100x80000000000000003909341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8a2c178efba2eef2022-01-11 12:19:43.833root 11241100x80000000000000003909342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6474449241d2c7a2022-01-11 12:19:43.834root 11241100x80000000000000003909343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87f418be8c73df8a2022-01-11 12:19:43.834root 11241100x80000000000000003909344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afb4d8718c1bf07d2022-01-11 12:19:43.834root 11241100x80000000000000003909345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d059550746309ec32022-01-11 12:19:43.834root 11241100x80000000000000003909346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ce04245648bb1b22022-01-11 12:19:43.835root 11241100x80000000000000003909347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fabf2197087830d2022-01-11 12:19:43.835root 11241100x80000000000000003909348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce84a88f5c1828982022-01-11 12:19:43.835root 11241100x80000000000000003909349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.777b1782d87221fb2022-01-11 12:19:43.835root 11241100x80000000000000003909350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d33720d9d9ae4d62022-01-11 12:19:43.835root 11241100x80000000000000003909351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00ad17c5e43af29a2022-01-11 12:19:43.835root 11241100x80000000000000003909352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dd5c09ee4f13cae2022-01-11 12:19:44.333root 11241100x80000000000000003909353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7eb4d173eb7cf04c2022-01-11 12:19:44.334root 11241100x80000000000000003909354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b3afef2d0691fca2022-01-11 12:19:44.334root 11241100x80000000000000003909355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac0c674ba3c00d7c2022-01-11 12:19:44.334root 11241100x80000000000000003909356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1278251c53fae8b52022-01-11 12:19:44.334root 11241100x80000000000000003909357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa51be545301038d2022-01-11 12:19:44.334root 11241100x80000000000000003909358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.030cd3f7a1a27cb32022-01-11 12:19:44.334root 11241100x80000000000000003909359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a76369043432fbbc2022-01-11 12:19:44.334root 11241100x80000000000000003909360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c77f32b7377413b72022-01-11 12:19:44.334root 11241100x80000000000000003909361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7662e71bec6661d32022-01-11 12:19:44.334root 11241100x80000000000000003909362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d6b26848105c3742022-01-11 12:19:44.334root 11241100x80000000000000003909363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47944c17a9e061a02022-01-11 12:19:44.833root 11241100x80000000000000003909364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.577cb2b3745b7dbc2022-01-11 12:19:44.833root 11241100x80000000000000003909365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccf36abebcd679902022-01-11 12:19:44.834root 11241100x80000000000000003909366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb38aafd252a7f802022-01-11 12:19:44.834root 11241100x80000000000000003909367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c30af62ded9b09892022-01-11 12:19:44.834root 11241100x80000000000000003909368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.089aaf1bced5e4362022-01-11 12:19:44.834root 11241100x80000000000000003909369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ffc32dffb6112302022-01-11 12:19:44.834root 11241100x80000000000000003909370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dd2d47849a6a17a2022-01-11 12:19:44.834root 11241100x80000000000000003909371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42ea63424f7765372022-01-11 12:19:44.834root 11241100x80000000000000003909372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbf7430932c472b42022-01-11 12:19:44.834root 11241100x80000000000000003909373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.827ad4b1847320922022-01-11 12:19:44.835root 11241100x80000000000000003909374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d83f87ca880e96442022-01-11 12:19:45.334root 11241100x80000000000000003909375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abf39c0aa304f6182022-01-11 12:19:45.334root 11241100x80000000000000003909376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26018a4a14ad4c8e2022-01-11 12:19:45.334root 11241100x80000000000000003909377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec1428e1741b69892022-01-11 12:19:45.334root 11241100x80000000000000003909378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7173afcef6289c662022-01-11 12:19:45.334root 11241100x80000000000000003909379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a7de8364812d6f62022-01-11 12:19:45.334root 11241100x80000000000000003909380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37d42aec72b095432022-01-11 12:19:45.334root 11241100x80000000000000003909381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a1f709fd98eb1ea2022-01-11 12:19:45.334root 11241100x80000000000000003909382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2373ad1f0d2a2afd2022-01-11 12:19:45.334root 11241100x80000000000000003909383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2903916492166d92022-01-11 12:19:45.334root 11241100x80000000000000003909384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1b6a153eb6292c72022-01-11 12:19:45.335root 11241100x80000000000000003909385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.008ba8f8ab1da4702022-01-11 12:19:45.833root 11241100x80000000000000003909386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb0a1b3ccb3ff9872022-01-11 12:19:45.834root 11241100x80000000000000003909387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4be1d50f0b819d2e2022-01-11 12:19:45.834root 11241100x80000000000000003909388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ea1093e4a3795e82022-01-11 12:19:45.834root 11241100x80000000000000003909389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40f9e1a213431f1a2022-01-11 12:19:45.835root 11241100x80000000000000003909390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2104c1dae1e7121b2022-01-11 12:19:45.835root 11241100x80000000000000003909391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d858c2f2511537592022-01-11 12:19:45.835root 11241100x80000000000000003909392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38cf0a8399699c932022-01-11 12:19:45.835root 11241100x80000000000000003909393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83620d99f5338e642022-01-11 12:19:45.835root 11241100x80000000000000003909394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14624c6c35db196d2022-01-11 12:19:45.836root 11241100x80000000000000003909395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39a3bc7eeffbc3cc2022-01-11 12:19:45.836root 354300x80000000000000003909396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.102{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56278-false10.0.1.12-8000- 11241100x80000000000000003909397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32b94d910ef67bd52022-01-11 12:19:46.104root 11241100x80000000000000003909398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c40ee55142f107fc2022-01-11 12:19:46.104root 11241100x80000000000000003909399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4058c8c514d4850d2022-01-11 12:19:46.104root 11241100x80000000000000003909400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3afdb638e0391d8a2022-01-11 12:19:46.104root 11241100x80000000000000003909401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c90dfd2c151ea0ea2022-01-11 12:19:46.104root 11241100x80000000000000003909402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a651b59927fcd8812022-01-11 12:19:46.104root 11241100x80000000000000003909403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e810b68d031a3c162022-01-11 12:19:46.104root 11241100x80000000000000003909404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6868341709e9fe9a2022-01-11 12:19:46.104root 11241100x80000000000000003909405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.584f0d65befe8f5d2022-01-11 12:19:46.105root 11241100x80000000000000003909406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e280b0ead302076e2022-01-11 12:19:46.105root 11241100x80000000000000003909407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dea1946ebc0163e32022-01-11 12:19:46.105root 11241100x80000000000000003909408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c4a4664f62df4932022-01-11 12:19:46.105root 11241100x80000000000000003909409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.736550ddbd2c64df2022-01-11 12:19:46.584root 11241100x80000000000000003909410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a353825dadf66a82022-01-11 12:19:46.584root 11241100x80000000000000003909411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25b95927a72ebee02022-01-11 12:19:46.584root 11241100x80000000000000003909412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69aef3d1700e03bb2022-01-11 12:19:46.584root 11241100x80000000000000003909413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9949cdc83b6c7e62022-01-11 12:19:46.584root 11241100x80000000000000003909414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.808f48f241a007b32022-01-11 12:19:46.584root 11241100x80000000000000003909415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87184808b15c37512022-01-11 12:19:46.584root 11241100x80000000000000003909416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96829bf5c1eb22a82022-01-11 12:19:46.584root 11241100x80000000000000003909417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74d0e6007d1f904f2022-01-11 12:19:46.584root 11241100x80000000000000003909418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97d68111ad67b2082022-01-11 12:19:46.584root 11241100x80000000000000003909419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0081df28d31e8622022-01-11 12:19:46.584root 11241100x80000000000000003909420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e8f013764dc58dc2022-01-11 12:19:46.584root 11241100x80000000000000003909421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caf8c00145ac71ce2022-01-11 12:19:47.083root 11241100x80000000000000003909422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56cbcac2368e4c822022-01-11 12:19:47.083root 11241100x80000000000000003909423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.baf3e6321e0ed8cd2022-01-11 12:19:47.083root 11241100x80000000000000003909424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e33fbc897d000f82022-01-11 12:19:47.083root 11241100x80000000000000003909425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ce8298eb1c3db172022-01-11 12:19:47.084root 11241100x80000000000000003909426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f48152fcc8ce774c2022-01-11 12:19:47.084root 11241100x80000000000000003909427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c580c8ac122da4b72022-01-11 12:19:47.084root 11241100x80000000000000003909428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60d38655b3c134c32022-01-11 12:19:47.084root 11241100x80000000000000003909429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6efa13cec65684b2022-01-11 12:19:47.084root 11241100x80000000000000003909430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1045ee518ff1d0942022-01-11 12:19:47.084root 11241100x80000000000000003909431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.700f12e88b35da012022-01-11 12:19:47.084root 11241100x80000000000000003909432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cccbc82ad6ec3632022-01-11 12:19:47.084root 11241100x80000000000000003909433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db1868b2ddd7247c2022-01-11 12:19:47.583root 11241100x80000000000000003909434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1536ea9b2decef02022-01-11 12:19:47.583root 11241100x80000000000000003909435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8420b022da50c732022-01-11 12:19:47.583root 11241100x80000000000000003909436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1dc92f3c6e076252022-01-11 12:19:47.583root 11241100x80000000000000003909437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54758e7ef5e60d862022-01-11 12:19:47.583root 11241100x80000000000000003909438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7c7f0626cb242da2022-01-11 12:19:47.583root 11241100x80000000000000003909439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5e1b6f085f4f4cf2022-01-11 12:19:47.584root 11241100x80000000000000003909440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20cc36e8f8eb49b62022-01-11 12:19:47.584root 11241100x80000000000000003909441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63defe7e2ea8fa842022-01-11 12:19:47.584root 11241100x80000000000000003909442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba6a1f30f03d89e12022-01-11 12:19:47.584root 11241100x80000000000000003909443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.024bc9e68737e5c02022-01-11 12:19:47.584root 11241100x80000000000000003909444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f16ebe52bec8cbd72022-01-11 12:19:47.584root 11241100x80000000000000003909445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dd07f3836a5af982022-01-11 12:19:48.083root 11241100x80000000000000003909446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2a0e90886fbc11b2022-01-11 12:19:48.084root 11241100x80000000000000003909447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.714287b83d4918532022-01-11 12:19:48.084root 11241100x80000000000000003909448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86b29e60635e5e472022-01-11 12:19:48.084root 11241100x80000000000000003909449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d66e9e6e77a11c492022-01-11 12:19:48.084root 11241100x80000000000000003909450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70a1ddb62f9604002022-01-11 12:19:48.084root 11241100x80000000000000003909451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04654e2b3bb3145a2022-01-11 12:19:48.085root 11241100x80000000000000003909452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a93b0c0ee78c77ed2022-01-11 12:19:48.085root 11241100x80000000000000003909453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cf8063b202dc5b62022-01-11 12:19:48.085root 11241100x80000000000000003909454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a35c3835e8081c072022-01-11 12:19:48.085root 11241100x80000000000000003909455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5b96ed7f379d53e2022-01-11 12:19:48.085root 11241100x80000000000000003909456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f9f63ba3d9b48ef2022-01-11 12:19:48.085root 11241100x80000000000000003909457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b4ba782757c4fe62022-01-11 12:19:48.583root 11241100x80000000000000003909458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7777726ae2e973ed2022-01-11 12:19:48.584root 11241100x80000000000000003909459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e40886813cc20ec82022-01-11 12:19:48.584root 11241100x80000000000000003909460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b268254837a247422022-01-11 12:19:48.584root 11241100x80000000000000003909461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8edb7ead039329a52022-01-11 12:19:48.584root 11241100x80000000000000003909462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.451751e1e0b9783c2022-01-11 12:19:48.585root 11241100x80000000000000003909463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a907fc827acfaa42022-01-11 12:19:48.585root 11241100x80000000000000003909464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec67ad4c3f90fe142022-01-11 12:19:48.585root 11241100x80000000000000003909465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8261768a92fe28c32022-01-11 12:19:48.585root 11241100x80000000000000003909466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bce2827d19d8c9892022-01-11 12:19:48.585root 11241100x80000000000000003909467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6287f068c92ff0272022-01-11 12:19:48.586root 11241100x80000000000000003909468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f9683d572cf20302022-01-11 12:19:48.586root 11241100x80000000000000003909469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf46ec10eff902322022-01-11 12:19:49.083root 11241100x80000000000000003909470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4741e8d1e2e0a45a2022-01-11 12:19:49.084root 11241100x80000000000000003909471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9b0927d48c2ace42022-01-11 12:19:49.084root 11241100x80000000000000003909472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1be36b726083ed5d2022-01-11 12:19:49.084root 11241100x80000000000000003909473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31caf6795d75ae0d2022-01-11 12:19:49.084root 11241100x80000000000000003909474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f2f3390fec6ac872022-01-11 12:19:49.084root 11241100x80000000000000003909475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be0c018fcf3f88b02022-01-11 12:19:49.084root 11241100x80000000000000003909476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d19fb63f7531f7a32022-01-11 12:19:49.084root 11241100x80000000000000003909477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8e7521de739fa192022-01-11 12:19:49.085root 11241100x80000000000000003909478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b803a6211cd5063f2022-01-11 12:19:49.085root 11241100x80000000000000003909479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d923df86155a1ab52022-01-11 12:19:49.085root 11241100x80000000000000003909480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3dc050ad2957f982022-01-11 12:19:49.085root 11241100x80000000000000003909481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1df1b6c2ebf2d522022-01-11 12:19:49.583root 11241100x80000000000000003909482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ebed8a8d285e09b2022-01-11 12:19:49.584root 11241100x80000000000000003909483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c439a57803a453142022-01-11 12:19:49.584root 11241100x80000000000000003909484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a9530ea4f17b5132022-01-11 12:19:49.584root 11241100x80000000000000003909485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6872f8d7a3188a92022-01-11 12:19:49.584root 11241100x80000000000000003909486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fed505a9a29be8f82022-01-11 12:19:49.584root 11241100x80000000000000003909487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1390c5247e254392022-01-11 12:19:49.584root 11241100x80000000000000003909488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e56886c1a705e1df2022-01-11 12:19:49.584root 11241100x80000000000000003909489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f55e742b58284b9c2022-01-11 12:19:49.584root 11241100x80000000000000003909490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce85f9550433f3292022-01-11 12:19:49.584root 11241100x80000000000000003909491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fc1070b8d5ddfbd2022-01-11 12:19:49.584root 11241100x80000000000000003909492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d868bc0032c31c092022-01-11 12:19:49.584root 11241100x80000000000000003909493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da245c086e07f7422022-01-11 12:19:50.083root 11241100x80000000000000003909494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.522226d0acf8aaa02022-01-11 12:19:50.083root 11241100x80000000000000003909495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d90bf45bbce397b22022-01-11 12:19:50.084root 11241100x80000000000000003909496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5eed3ea7e5591042022-01-11 12:19:50.084root 11241100x80000000000000003909497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3f97e928710575c2022-01-11 12:19:50.084root 11241100x80000000000000003909498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00c94e799797685d2022-01-11 12:19:50.084root 11241100x80000000000000003909499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcd410ac4bb583b52022-01-11 12:19:50.084root 11241100x80000000000000003909500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6588f1d23ba61a22022-01-11 12:19:50.084root 11241100x80000000000000003909501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff1ab0899cd0cefb2022-01-11 12:19:50.084root 11241100x80000000000000003909502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cb20ba1951f3d572022-01-11 12:19:50.085root 11241100x80000000000000003909503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e9afdfa65b9eed02022-01-11 12:19:50.085root 11241100x80000000000000003909504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.266768b4d82b53e92022-01-11 12:19:50.085root 11241100x80000000000000003909505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea364b1d0a8532a52022-01-11 12:19:50.583root 11241100x80000000000000003909506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4ecdce327730a8f2022-01-11 12:19:50.584root 11241100x80000000000000003909507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e6b126e4e34965c2022-01-11 12:19:50.584root 11241100x80000000000000003909508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b172b7a23969c3ac2022-01-11 12:19:50.584root 11241100x80000000000000003909509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.898a0d5e2a2a21cc2022-01-11 12:19:50.584root 11241100x80000000000000003909510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c543f4bbe8bd3c92022-01-11 12:19:50.584root 11241100x80000000000000003909511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f86a296b1894c6b2022-01-11 12:19:50.584root 11241100x80000000000000003909512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b41103a9a1b99ac32022-01-11 12:19:50.584root 11241100x80000000000000003909513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42ada674c77ceffb2022-01-11 12:19:50.584root 11241100x80000000000000003909514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0420f6070aac7f42022-01-11 12:19:50.585root 11241100x80000000000000003909515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c03c1274fcca91882022-01-11 12:19:50.585root 11241100x80000000000000003909516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed2549311ed5c76f2022-01-11 12:19:50.585root 11241100x80000000000000003909517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6177f739738ed6e2022-01-11 12:19:51.083root 11241100x80000000000000003909518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.821561b54fea6d442022-01-11 12:19:51.084root 11241100x80000000000000003909519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d6b581c9be7d0562022-01-11 12:19:51.084root 11241100x80000000000000003909520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3ecdd84318b91ee2022-01-11 12:19:51.084root 11241100x80000000000000003909521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0411724de1b7f412022-01-11 12:19:51.084root 11241100x80000000000000003909522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63a95a6bdd1e346e2022-01-11 12:19:51.084root 11241100x80000000000000003909523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbedb6b802ba7c0a2022-01-11 12:19:51.084root 11241100x80000000000000003909524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fa22f760e82276b2022-01-11 12:19:51.084root 11241100x80000000000000003909525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ba9bd219813adb52022-01-11 12:19:51.084root 11241100x80000000000000003909526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7de2b038fa576d92022-01-11 12:19:51.085root 11241100x80000000000000003909527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b05eb9fe984fda32022-01-11 12:19:51.085root 11241100x80000000000000003909528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.186beb204d9244f92022-01-11 12:19:51.085root 354300x80000000000000003909529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.186{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56280-false10.0.1.12-8000- 11241100x80000000000000003909530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c03c538ed6fdae92022-01-11 12:19:51.584root 11241100x80000000000000003909531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64fdd001941142362022-01-11 12:19:51.584root 11241100x80000000000000003909532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a6f1a83c325d0e92022-01-11 12:19:51.584root 11241100x80000000000000003909533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35e1f33fdf2cb8842022-01-11 12:19:51.584root 11241100x80000000000000003909534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50dd99c3e67c494e2022-01-11 12:19:51.584root 11241100x80000000000000003909535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aabf041deeaac7e32022-01-11 12:19:51.584root 11241100x80000000000000003909536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7974d0c159ccb7942022-01-11 12:19:51.584root 11241100x80000000000000003909537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fc75cf75f03f3222022-01-11 12:19:51.584root 11241100x80000000000000003909538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9dcf0bb22ad23f22022-01-11 12:19:51.584root 11241100x80000000000000003909539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5ef3b6604adcd732022-01-11 12:19:51.585root 11241100x80000000000000003909540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e75efd5195eab9db2022-01-11 12:19:51.585root 11241100x80000000000000003909541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c295777b7c6830222022-01-11 12:19:51.585root 11241100x80000000000000003909542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bd3d2193191110b2022-01-11 12:19:51.585root 11241100x80000000000000003909543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6f6eb61b37cfb512022-01-11 12:19:52.084root 11241100x80000000000000003909544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c3ccaa4a854c6be2022-01-11 12:19:52.084root 11241100x80000000000000003909545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.302c8d8879d631482022-01-11 12:19:52.084root 11241100x80000000000000003909546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d833c6bca723115d2022-01-11 12:19:52.084root 11241100x80000000000000003909547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.219ddd72d9a2b55d2022-01-11 12:19:52.085root 11241100x80000000000000003909548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ee8e102e78b55202022-01-11 12:19:52.085root 11241100x80000000000000003909549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cff8aa242b24b6e2022-01-11 12:19:52.085root 11241100x80000000000000003909550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.273aa55ef22d8a502022-01-11 12:19:52.085root 11241100x80000000000000003909551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdfa255bc25174192022-01-11 12:19:52.085root 11241100x80000000000000003909552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a14ccfe79e465a72022-01-11 12:19:52.085root 11241100x80000000000000003909553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ba173779bffc89b2022-01-11 12:19:52.086root 11241100x80000000000000003909554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2419b3cdc47503e52022-01-11 12:19:52.086root 11241100x80000000000000003909555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8040d3f076d0a3d2022-01-11 12:19:52.086root 11241100x80000000000000003909556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a905884607a78832022-01-11 12:19:52.583root 11241100x80000000000000003909557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d56040d21ed462352022-01-11 12:19:52.584root 11241100x80000000000000003909558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.522053798f3b4cd82022-01-11 12:19:52.584root 11241100x80000000000000003909559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ca995f177d817db2022-01-11 12:19:52.584root 11241100x80000000000000003909560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f5b1c6f0d5dbc732022-01-11 12:19:52.585root 11241100x80000000000000003909561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc04b149e2ff51662022-01-11 12:19:52.585root 11241100x80000000000000003909562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56813f48369c885f2022-01-11 12:19:52.585root 11241100x80000000000000003909563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.153ff1d8efe0c6d92022-01-11 12:19:52.585root 11241100x80000000000000003909564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2433741c8f259732022-01-11 12:19:52.585root 11241100x80000000000000003909565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6fdac4afeb7815b2022-01-11 12:19:52.585root 11241100x80000000000000003909566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.258b8772642986582022-01-11 12:19:52.586root 11241100x80000000000000003909567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de86e718bc5d21162022-01-11 12:19:52.586root 11241100x80000000000000003909568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8d7f98015091b9a2022-01-11 12:19:52.586root 11241100x80000000000000003909569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f078ecc6d91da8b42022-01-11 12:19:53.083root 11241100x80000000000000003909570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecb67618e93105832022-01-11 12:19:53.083root 11241100x80000000000000003909571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d65636defb977092022-01-11 12:19:53.083root 11241100x80000000000000003909572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b55f0f871921cda22022-01-11 12:19:53.083root 11241100x80000000000000003909573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba9d835ed79b909f2022-01-11 12:19:53.083root 11241100x80000000000000003909574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.764041e8e203bbe92022-01-11 12:19:53.083root 11241100x80000000000000003909575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1a8163f511674352022-01-11 12:19:53.084root 11241100x80000000000000003909576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbcdca50d3fc59d12022-01-11 12:19:53.084root 11241100x80000000000000003909577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cca8234476d6c132022-01-11 12:19:53.084root 11241100x80000000000000003909578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbf09096fe2f60832022-01-11 12:19:53.084root 11241100x80000000000000003909579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caa0eb133f04da132022-01-11 12:19:53.084root 11241100x80000000000000003909580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f661b86b036e44c2022-01-11 12:19:53.084root 11241100x80000000000000003909581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7de14b90815843b2022-01-11 12:19:53.084root 11241100x80000000000000003909582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c14b5d03897e6c92022-01-11 12:19:53.583root 11241100x80000000000000003909583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f77557f96e866b962022-01-11 12:19:53.583root 11241100x80000000000000003909584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2cf42e84ec23b9a2022-01-11 12:19:53.583root 11241100x80000000000000003909585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2023816d2d8e3b032022-01-11 12:19:53.583root 11241100x80000000000000003909586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca0bc153e1e6195d2022-01-11 12:19:53.584root 11241100x80000000000000003909587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac5bcf6cdf29805d2022-01-11 12:19:53.584root 11241100x80000000000000003909588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8afcab2e9ccdb3772022-01-11 12:19:53.584root 11241100x80000000000000003909589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.391975d5cc6765a92022-01-11 12:19:53.584root 11241100x80000000000000003909590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdbd92b69e292b982022-01-11 12:19:53.584root 11241100x80000000000000003909591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4552adfebe631b5a2022-01-11 12:19:53.584root 11241100x80000000000000003909592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87a766adef80bd8f2022-01-11 12:19:53.584root 11241100x80000000000000003909593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c81da8cdc90a97a2022-01-11 12:19:53.584root 11241100x80000000000000003909594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63475ad96b3d1d8f2022-01-11 12:19:53.584root 11241100x80000000000000003909595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0616c770d80963a32022-01-11 12:19:54.083root 11241100x80000000000000003909596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.671a427034275e142022-01-11 12:19:54.083root 11241100x80000000000000003909597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73c7b20ac47c95ca2022-01-11 12:19:54.083root 11241100x80000000000000003909598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f6dd869c0b210b42022-01-11 12:19:54.083root 11241100x80000000000000003909599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97b0741b43695dfe2022-01-11 12:19:54.084root 11241100x80000000000000003909600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1c2a42b11b6f0522022-01-11 12:19:54.084root 11241100x80000000000000003909601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c683b7ac37620e3b2022-01-11 12:19:54.084root 11241100x80000000000000003909602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3623f5fd7ce2a6492022-01-11 12:19:54.084root 11241100x80000000000000003909603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.147038afac35b84a2022-01-11 12:19:54.084root 11241100x80000000000000003909604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdc1374a0be8fef42022-01-11 12:19:54.084root 11241100x80000000000000003909605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17df677611e6b2192022-01-11 12:19:54.084root 11241100x80000000000000003909606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8da384bc1bfb559d2022-01-11 12:19:54.084root 11241100x80000000000000003909607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cca1361490369512022-01-11 12:19:54.084root 11241100x80000000000000003909608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2538c826cd2566c72022-01-11 12:19:54.583root 11241100x80000000000000003909609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7460f6d27ec516532022-01-11 12:19:54.584root 11241100x80000000000000003909610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ddec5b2f9a726f62022-01-11 12:19:54.584root 11241100x80000000000000003909611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a1a3f6e057d116a2022-01-11 12:19:54.584root 11241100x80000000000000003909612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdc30a4e5d3487e22022-01-11 12:19:54.585root 11241100x80000000000000003909613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7684aa66500e6c592022-01-11 12:19:54.585root 11241100x80000000000000003909614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7756fd36e5c58932022-01-11 12:19:54.585root 11241100x80000000000000003909615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ad2cba25b4938a32022-01-11 12:19:54.586root 11241100x80000000000000003909616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8930452b6f5c0f872022-01-11 12:19:54.586root 11241100x80000000000000003909617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33b13dfbe9cb631c2022-01-11 12:19:54.586root 11241100x80000000000000003909618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6574229ae0f76bd2022-01-11 12:19:54.586root 11241100x80000000000000003909619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cde4eefc23761562022-01-11 12:19:54.587root 11241100x80000000000000003909620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb73dcdb5ae618942022-01-11 12:19:54.587root 11241100x80000000000000003909621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.894{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:19:54.894root 11241100x80000000000000003909622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.869a2355b52e76632022-01-11 12:19:54.895root 11241100x80000000000000003909623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.972d60871bc7f1652022-01-11 12:19:54.895root 11241100x80000000000000003909624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d44c4a7609b3764d2022-01-11 12:19:54.895root 11241100x80000000000000003909625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d86512e1744b5422022-01-11 12:19:54.896root 11241100x80000000000000003909626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.103b46725f05a6cd2022-01-11 12:19:54.896root 11241100x80000000000000003909627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e2ddcdf5901cb872022-01-11 12:19:54.896root 11241100x80000000000000003909628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6676d235914029ba2022-01-11 12:19:54.897root 11241100x80000000000000003909629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edf8d5e1f605e10d2022-01-11 12:19:54.897root 11241100x80000000000000003909630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a3ae8d13d37c26e2022-01-11 12:19:54.897root 11241100x80000000000000003909631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39bad8143c7ee76d2022-01-11 12:19:54.898root 11241100x80000000000000003909632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c541e7295f761e32022-01-11 12:19:54.898root 11241100x80000000000000003909633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d88cd56ecb98e19b2022-01-11 12:19:54.898root 11241100x80000000000000003909634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.720ad3961ed587542022-01-11 12:19:54.898root 11241100x80000000000000003909635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02a480e5d42beb302022-01-11 12:19:54.899root 11241100x80000000000000003909636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c6a5896e4fb783d2022-01-11 12:19:54.899root 11241100x80000000000000003909637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.902ef0e2174348e12022-01-11 12:19:55.334root 11241100x80000000000000003909638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.058ca69ad113bc0b2022-01-11 12:19:55.334root 11241100x80000000000000003909639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd07a106c4bc52a52022-01-11 12:19:55.334root 11241100x80000000000000003909640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4f72aaa315fc2372022-01-11 12:19:55.334root 11241100x80000000000000003909641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a01c007c94942f2c2022-01-11 12:19:55.334root 11241100x80000000000000003909642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.357a5c2ed10a463f2022-01-11 12:19:55.334root 11241100x80000000000000003909643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aed81abc0ba0cb452022-01-11 12:19:55.334root 11241100x80000000000000003909644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fceecc5045f96f5d2022-01-11 12:19:55.334root 11241100x80000000000000003909645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fb3a450c92828692022-01-11 12:19:55.334root 11241100x80000000000000003909646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.108a9416b36e8fc42022-01-11 12:19:55.334root 11241100x80000000000000003909647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3f37f438a8205fe2022-01-11 12:19:55.334root 11241100x80000000000000003909648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1782648ed9552c72022-01-11 12:19:55.334root 11241100x80000000000000003909649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1d916bab269e5ea2022-01-11 12:19:55.334root 11241100x80000000000000003909650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.028858bfdb6e6bde2022-01-11 12:19:55.335root 11241100x80000000000000003909651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5340fcf5a9037d2e2022-01-11 12:19:55.834root 11241100x80000000000000003909652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86193278af17267e2022-01-11 12:19:55.834root 11241100x80000000000000003909653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a6f39a34968476c2022-01-11 12:19:55.834root 11241100x80000000000000003909654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f14581edb507202f2022-01-11 12:19:55.834root 11241100x80000000000000003909655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5fbb284282160ef2022-01-11 12:19:55.834root 11241100x80000000000000003909656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cb5ac86076f3d602022-01-11 12:19:55.834root 11241100x80000000000000003909657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78e23616145196212022-01-11 12:19:55.834root 11241100x80000000000000003909658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c3c840ed1661fda2022-01-11 12:19:55.834root 11241100x80000000000000003909659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05643a6709f4e8802022-01-11 12:19:55.834root 11241100x80000000000000003909660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79b3df359f45e2ae2022-01-11 12:19:55.834root 11241100x80000000000000003909661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbfd626b671a60612022-01-11 12:19:55.834root 11241100x80000000000000003909662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77466981061dee262022-01-11 12:19:55.834root 11241100x80000000000000003909663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bc4f7cda0d0cad52022-01-11 12:19:55.835root 11241100x80000000000000003909664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b0f3c32e02faa612022-01-11 12:19:55.835root 354300x80000000000000003909665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.188{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56282-false10.0.1.12-8000- 11241100x80000000000000003909666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.189{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06ec1c742e500d662022-01-11 12:19:56.189root 11241100x80000000000000003909667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.189{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.210571d7744b8cbc2022-01-11 12:19:56.189root 11241100x80000000000000003909668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.190{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80f4320ae212f0e92022-01-11 12:19:56.190root 11241100x80000000000000003909669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.190{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6947d2e66af4b582022-01-11 12:19:56.190root 11241100x80000000000000003909670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.190{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e87f11a2befac93c2022-01-11 12:19:56.190root 11241100x80000000000000003909671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.190{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7d2e305ecfc23102022-01-11 12:19:56.190root 11241100x80000000000000003909672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.191{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3621af2806300c732022-01-11 12:19:56.191root 11241100x80000000000000003909673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.191{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2d3f5b8e6944e0e2022-01-11 12:19:56.191root 11241100x80000000000000003909674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.191{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.babc53ae072320fa2022-01-11 12:19:56.191root 11241100x80000000000000003909675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e6e0c87fe050d322022-01-11 12:19:56.192root 11241100x80000000000000003909676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de3e2fd306e0fc3b2022-01-11 12:19:56.192root 11241100x80000000000000003909677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5babeec4405b251b2022-01-11 12:19:56.192root 11241100x80000000000000003909678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bda7b3c1bee0e7232022-01-11 12:19:56.192root 11241100x80000000000000003909679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.837882e429a564112022-01-11 12:19:56.193root 11241100x80000000000000003909680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ed3ec4bcfc3f5f62022-01-11 12:19:56.193root 11241100x80000000000000003909681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07c29dc4e2b5be9a2022-01-11 12:19:56.193root 11241100x80000000000000003909682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62fb04c62f5726692022-01-11 12:19:56.194root 11241100x80000000000000003909683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1afe7939d9009a52022-01-11 12:19:56.584root 11241100x80000000000000003909684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c57dab6703266bc2022-01-11 12:19:56.584root 11241100x80000000000000003909685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0390dc6a518dd97f2022-01-11 12:19:56.584root 11241100x80000000000000003909686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d55a9b99441b2fac2022-01-11 12:19:56.584root 11241100x80000000000000003909687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcb22a68b307b6792022-01-11 12:19:56.584root 11241100x80000000000000003909688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa5ad0750df1e6522022-01-11 12:19:56.585root 11241100x80000000000000003909689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09b29dd7517445be2022-01-11 12:19:56.585root 11241100x80000000000000003909690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b9214525d6528632022-01-11 12:19:56.585root 11241100x80000000000000003909691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3196de147b8a3282022-01-11 12:19:56.585root 11241100x80000000000000003909692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d6b36fbb81ffc802022-01-11 12:19:56.586root 11241100x80000000000000003909693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ebd31b5a6c62b182022-01-11 12:19:56.586root 11241100x80000000000000003909694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e909a86002b0b2292022-01-11 12:19:56.586root 11241100x80000000000000003909695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f4daaea4d07cdee2022-01-11 12:19:56.586root 11241100x80000000000000003909696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddeeb375178d267b2022-01-11 12:19:56.586root 11241100x80000000000000003909697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3432da854fa002ec2022-01-11 12:19:56.586root 11241100x80000000000000003909698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64cdb279132e2f1f2022-01-11 12:19:57.083root 11241100x80000000000000003909699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aad7861572e249f32022-01-11 12:19:57.083root 11241100x80000000000000003909700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41bc1dd69c1b12ed2022-01-11 12:19:57.084root 11241100x80000000000000003909701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c843a65e18a0d06b2022-01-11 12:19:57.084root 11241100x80000000000000003909702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3995e887ba463d92022-01-11 12:19:57.084root 11241100x80000000000000003909703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e311ced466b15f692022-01-11 12:19:57.084root 11241100x80000000000000003909704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb1d24cfb5dbde6e2022-01-11 12:19:57.084root 11241100x80000000000000003909705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5459c1e8d554896b2022-01-11 12:19:57.084root 11241100x80000000000000003909706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8638a9a65510d8742022-01-11 12:19:57.084root 11241100x80000000000000003909707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2daab547acd43f032022-01-11 12:19:57.084root 11241100x80000000000000003909708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6588f4f17654a1a42022-01-11 12:19:57.085root 11241100x80000000000000003909709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf96004668a2a3dc2022-01-11 12:19:57.085root 11241100x80000000000000003909710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43348597eaa343462022-01-11 12:19:57.085root 11241100x80000000000000003909711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.509527d2ed9102af2022-01-11 12:19:57.085root 11241100x80000000000000003909712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.446d543a6e84233f2022-01-11 12:19:57.085root 11241100x80000000000000003909713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc537c4eba815c9e2022-01-11 12:19:57.085root 11241100x80000000000000003909714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b58e9c400decd4752022-01-11 12:19:57.085root 11241100x80000000000000003909715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea5407ca8a3a28612022-01-11 12:19:57.583root 11241100x80000000000000003909716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e50fc60ffc723f32022-01-11 12:19:57.583root 11241100x80000000000000003909717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a31d884b5d411dd2022-01-11 12:19:57.584root 11241100x80000000000000003909718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0944b2a67dbe348f2022-01-11 12:19:57.584root 11241100x80000000000000003909719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9aa4489032698d72022-01-11 12:19:57.584root 11241100x80000000000000003909720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9f4a14d1f6d98412022-01-11 12:19:57.584root 11241100x80000000000000003909721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3375eb0b394048492022-01-11 12:19:57.584root 11241100x80000000000000003909722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.733125c72cd57c212022-01-11 12:19:57.585root 11241100x80000000000000003909723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb5afddc1228c6ca2022-01-11 12:19:57.585root 11241100x80000000000000003909724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.416d1f0ccc8a1aa52022-01-11 12:19:57.585root 11241100x80000000000000003909725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b341e38d70c08fa2022-01-11 12:19:57.585root 11241100x80000000000000003909726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4d8b4caa30175c82022-01-11 12:19:57.585root 11241100x80000000000000003909727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b45bf95c1b080942022-01-11 12:19:57.586root 11241100x80000000000000003909728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8806f578fd430ba2022-01-11 12:19:57.586root 11241100x80000000000000003909729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6664210f1bd21ae42022-01-11 12:19:57.586root 23542300x80000000000000003909730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.896{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003909731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44ca2cf136e8bf632022-01-11 12:19:57.897root 11241100x80000000000000003909732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.249e4dd585779dc12022-01-11 12:19:57.897root 11241100x80000000000000003909733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23676254df1524b22022-01-11 12:19:57.897root 11241100x80000000000000003909734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9fe4a9c0f07ae082022-01-11 12:19:57.897root 11241100x80000000000000003909735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67986bbcec36d32c2022-01-11 12:19:57.897root 11241100x80000000000000003909736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7f47716354b46e92022-01-11 12:19:57.897root 11241100x80000000000000003909737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfe1886c1e525c6a2022-01-11 12:19:57.898root 11241100x80000000000000003909738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a50c05059569daa72022-01-11 12:19:57.898root 11241100x80000000000000003909739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8513dc8d6e1f71f12022-01-11 12:19:57.898root 11241100x80000000000000003909740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20855d9781df676a2022-01-11 12:19:57.898root 11241100x80000000000000003909741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.419243d09e660e092022-01-11 12:19:57.898root 11241100x80000000000000003909742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84c1c4af479b80b62022-01-11 12:19:57.899root 11241100x80000000000000003909743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0714a9824366b142022-01-11 12:19:57.899root 11241100x80000000000000003909744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.105488d2ede69af72022-01-11 12:19:57.899root 11241100x80000000000000003909745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b5af6b6776f45802022-01-11 12:19:57.899root 11241100x80000000000000003909746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfa15ae6e595c7002022-01-11 12:19:57.899root 11241100x80000000000000003909747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b07993e03a0b7882022-01-11 12:19:58.334root 11241100x80000000000000003909748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e7ff215166f36a82022-01-11 12:19:58.334root 11241100x80000000000000003909749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d9100d68cd2847b2022-01-11 12:19:58.334root 11241100x80000000000000003909750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.897277b8dbc590072022-01-11 12:19:58.334root 11241100x80000000000000003909751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44465177588c6c9f2022-01-11 12:19:58.334root 11241100x80000000000000003909752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.156e9bfb1f1481952022-01-11 12:19:58.334root 11241100x80000000000000003909753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba56ea74473a07ae2022-01-11 12:19:58.334root 11241100x80000000000000003909754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b88bac9101e79a002022-01-11 12:19:58.334root 11241100x80000000000000003909755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1ee3ddfc2f0af072022-01-11 12:19:58.334root 11241100x80000000000000003909756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.320ae76e9919d00b2022-01-11 12:19:58.334root 11241100x80000000000000003909757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f0d1180ff6e773f2022-01-11 12:19:58.334root 11241100x80000000000000003909758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b54796a64c35273c2022-01-11 12:19:58.334root 11241100x80000000000000003909759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33c1cd49656d95b82022-01-11 12:19:58.334root 11241100x80000000000000003909760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cdd893d24478fd52022-01-11 12:19:58.335root 11241100x80000000000000003909761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e43f9077350fca52022-01-11 12:19:58.335root 11241100x80000000000000003909762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98ee25f8752e13172022-01-11 12:19:58.335root 11241100x80000000000000003909763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b74e11c6c9b12112022-01-11 12:19:58.834root 11241100x80000000000000003909764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1db459ef2c346c82022-01-11 12:19:58.834root 11241100x80000000000000003909765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15eb8fe41304989f2022-01-11 12:19:58.834root 11241100x80000000000000003909766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4785cacde715ec5d2022-01-11 12:19:58.834root 11241100x80000000000000003909767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ca51124449617172022-01-11 12:19:58.834root 11241100x80000000000000003909768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58f4a9f5152a283e2022-01-11 12:19:58.834root 11241100x80000000000000003909769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.836907c6beca52e62022-01-11 12:19:58.834root 11241100x80000000000000003909770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd29ada0772801772022-01-11 12:19:58.834root 11241100x80000000000000003909771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba430d620952831a2022-01-11 12:19:58.834root 11241100x80000000000000003909772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf519285e8904aec2022-01-11 12:19:58.834root 11241100x80000000000000003909773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce0f5a9fdf2bcce32022-01-11 12:19:58.834root 11241100x80000000000000003909774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11f5548046af361f2022-01-11 12:19:58.834root 11241100x80000000000000003909775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9f9a063a123fa6b2022-01-11 12:19:58.835root 11241100x80000000000000003909776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1db365b26608731b2022-01-11 12:19:58.835root 11241100x80000000000000003909777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08b0a8257b2359952022-01-11 12:19:58.835root 11241100x80000000000000003909778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57151ceecb216ed22022-01-11 12:19:58.835root 11241100x80000000000000003909779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d8cc8e0bbdbd0562022-01-11 12:19:59.334root 11241100x80000000000000003909780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37bf69e6857927102022-01-11 12:19:59.334root 11241100x80000000000000003909781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddb71a88504451d82022-01-11 12:19:59.334root 11241100x80000000000000003909782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c7adadc51e0e9a42022-01-11 12:19:59.334root 11241100x80000000000000003909783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7da5fb9324dc73bd2022-01-11 12:19:59.334root 11241100x80000000000000003909784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95dafd8ee0e3acea2022-01-11 12:19:59.334root 11241100x80000000000000003909785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6ecae76a8328f372022-01-11 12:19:59.334root 11241100x80000000000000003909786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59f887e5342299162022-01-11 12:19:59.334root 11241100x80000000000000003909787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.330d327c3ea87d532022-01-11 12:19:59.334root 11241100x80000000000000003909788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed801c4676063f132022-01-11 12:19:59.334root 11241100x80000000000000003909789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60b7b264c11f15c22022-01-11 12:19:59.334root 11241100x80000000000000003909790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5315eda50f83eb012022-01-11 12:19:59.334root 11241100x80000000000000003909791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.baaad01bf3f13f2b2022-01-11 12:19:59.334root 11241100x80000000000000003909792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3eece26b89939992022-01-11 12:19:59.335root 11241100x80000000000000003909793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f19162c3799c8c32022-01-11 12:19:59.335root 11241100x80000000000000003909794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5748b71a147e1ed22022-01-11 12:19:59.335root 11241100x80000000000000003909795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d386c2f36c49d352022-01-11 12:19:59.834root 11241100x80000000000000003909796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.220a84a8195186ba2022-01-11 12:19:59.834root 11241100x80000000000000003909797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0546efa0ba4c1afa2022-01-11 12:19:59.834root 11241100x80000000000000003909798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b01894f61a43faf2022-01-11 12:19:59.834root 11241100x80000000000000003909799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f145feb03b94b87a2022-01-11 12:19:59.834root 11241100x80000000000000003909800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de3626d92cbf61552022-01-11 12:19:59.834root 11241100x80000000000000003909801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.426647f8edc78d782022-01-11 12:19:59.834root 11241100x80000000000000003909802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adffd83354db2a382022-01-11 12:19:59.834root 11241100x80000000000000003909803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.540fb7715ef5012f2022-01-11 12:19:59.834root 11241100x80000000000000003909804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62922bfc150682542022-01-11 12:19:59.834root 11241100x80000000000000003909805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.581798d3ba83b7ee2022-01-11 12:19:59.834root 11241100x80000000000000003909806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c42936af7fb72f82022-01-11 12:19:59.834root 11241100x80000000000000003909807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36587007f378b84d2022-01-11 12:19:59.835root 11241100x80000000000000003909808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb249aca039add9b2022-01-11 12:19:59.835root 11241100x80000000000000003909809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e4991102fd023df2022-01-11 12:19:59.835root 11241100x80000000000000003909810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51308f0b38e0c65b2022-01-11 12:19:59.835root 11241100x80000000000000003909811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c7e26f101cd9b852022-01-11 12:20:00.334root 11241100x80000000000000003909812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5bf7c48e8569ce32022-01-11 12:20:00.334root 11241100x80000000000000003909813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9abc361f942df6432022-01-11 12:20:00.335root 11241100x80000000000000003909814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51c0055511e4dd272022-01-11 12:20:00.335root 11241100x80000000000000003909815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b72cc683358481bc2022-01-11 12:20:00.335root 11241100x80000000000000003909816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a482c5440a140162022-01-11 12:20:00.335root 11241100x80000000000000003909817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a054248d2c49ae2e2022-01-11 12:20:00.335root 11241100x80000000000000003909818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.413856871a6adcea2022-01-11 12:20:00.335root 11241100x80000000000000003909819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63dda75ba52d647e2022-01-11 12:20:00.335root 11241100x80000000000000003909820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6527f1a65a1143b2022-01-11 12:20:00.335root 11241100x80000000000000003909821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8867cb5775d1beb22022-01-11 12:20:00.335root 11241100x80000000000000003909822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bd6f093f896cc902022-01-11 12:20:00.335root 11241100x80000000000000003909823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a370027c65d31ec12022-01-11 12:20:00.335root 11241100x80000000000000003909824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.354d6ec2d115b8732022-01-11 12:20:00.335root 11241100x80000000000000003909825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f25cd18bf6041d12022-01-11 12:20:00.335root 11241100x80000000000000003909826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7af971882bda1342022-01-11 12:20:00.336root 11241100x80000000000000003909827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8538e3c3ca4955f2022-01-11 12:20:00.834root 11241100x80000000000000003909828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.503a9adb02e2f7e22022-01-11 12:20:00.834root 11241100x80000000000000003909829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3753fac12fb410cd2022-01-11 12:20:00.834root 11241100x80000000000000003909830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dac8ff0b7e7910b92022-01-11 12:20:00.834root 11241100x80000000000000003909831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a85c5335c17890952022-01-11 12:20:00.834root 11241100x80000000000000003909832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e9b7af82265750b2022-01-11 12:20:00.834root 11241100x80000000000000003909833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bd091aff0f94d392022-01-11 12:20:00.834root 11241100x80000000000000003909834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d848e5ab299521472022-01-11 12:20:00.834root 11241100x80000000000000003909835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a23624969aa5c6832022-01-11 12:20:00.834root 11241100x80000000000000003909836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a163acee0df214cb2022-01-11 12:20:00.834root 11241100x80000000000000003909837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e703ef94536e7b252022-01-11 12:20:00.834root 11241100x80000000000000003909838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fb55f6a00490e7a2022-01-11 12:20:00.834root 11241100x80000000000000003909839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f195c4980673cae62022-01-11 12:20:00.835root 11241100x80000000000000003909840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe154204d4ab540a2022-01-11 12:20:00.835root 11241100x80000000000000003909841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.281eccdcd958fbff2022-01-11 12:20:00.835root 11241100x80000000000000003909842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c208404f868ff6ba2022-01-11 12:20:00.835root 11241100x80000000000000003909843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2c2bf219801834b2022-01-11 12:20:01.334root 11241100x80000000000000003909844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9135ea8f6d396012022-01-11 12:20:01.334root 11241100x80000000000000003909845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac1b6eaabc3389dd2022-01-11 12:20:01.334root 11241100x80000000000000003909846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.197d5c36e3eaf8f92022-01-11 12:20:01.334root 11241100x80000000000000003909847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2acac21a4ce8f52c2022-01-11 12:20:01.334root 11241100x80000000000000003909848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a996b0b06bae8ec2022-01-11 12:20:01.334root 11241100x80000000000000003909849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81c195cb86311a922022-01-11 12:20:01.334root 11241100x80000000000000003909850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1da9146dfaea131d2022-01-11 12:20:01.334root 11241100x80000000000000003909851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e90a9c4fabaa78052022-01-11 12:20:01.334root 11241100x80000000000000003909852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46fb5c78a82c6d052022-01-11 12:20:01.334root 11241100x80000000000000003909853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c047dd4605d00f12022-01-11 12:20:01.334root 11241100x80000000000000003909854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0ae85eafa6de8892022-01-11 12:20:01.334root 11241100x80000000000000003909855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ead2d73cac135322022-01-11 12:20:01.335root 11241100x80000000000000003909856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff59cdd44635a7032022-01-11 12:20:01.335root 11241100x80000000000000003909857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.187366e58c0fc8e62022-01-11 12:20:01.335root 11241100x80000000000000003909858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9b73d05ea3e1fdc2022-01-11 12:20:01.335root 11241100x80000000000000003909859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1af3404ad5b392162022-01-11 12:20:01.834root 11241100x80000000000000003909860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa04826f91e7b2352022-01-11 12:20:01.834root 11241100x80000000000000003909861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e426ed492f1b84202022-01-11 12:20:01.834root 11241100x80000000000000003909862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9aa8780967777972022-01-11 12:20:01.834root 11241100x80000000000000003909863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cc1be5c0f9b97212022-01-11 12:20:01.834root 11241100x80000000000000003909864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c1803d67811afeb2022-01-11 12:20:01.834root 11241100x80000000000000003909865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31486c96b9783c0f2022-01-11 12:20:01.834root 11241100x80000000000000003909866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2044fc1ccbec18e22022-01-11 12:20:01.834root 11241100x80000000000000003909867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7091a9853339d032022-01-11 12:20:01.834root 11241100x80000000000000003909868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d11c4fc166da73712022-01-11 12:20:01.834root 11241100x80000000000000003909869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c50dc70c7628acd2022-01-11 12:20:01.834root 11241100x80000000000000003909870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b0f5b31a63eea792022-01-11 12:20:01.835root 11241100x80000000000000003909871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3bd6f9cae44e0d12022-01-11 12:20:01.835root 11241100x80000000000000003909872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.699147307e7d953f2022-01-11 12:20:01.835root 11241100x80000000000000003909873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa5fc79f48f0a11d2022-01-11 12:20:01.835root 11241100x80000000000000003909874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f6f66a4b580c68c2022-01-11 12:20:01.835root 354300x80000000000000003909875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.021{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56284-false10.0.1.12-8000- 11241100x80000000000000003909876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6bc620e4a4d201f2022-01-11 12:20:02.334root 11241100x80000000000000003909877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80b7f0412ee562cb2022-01-11 12:20:02.334root 11241100x80000000000000003909878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f87414b1391aa932022-01-11 12:20:02.334root 11241100x80000000000000003909879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92b42c7b4d9f5d1d2022-01-11 12:20:02.334root 11241100x80000000000000003909880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.632db220be7c88c82022-01-11 12:20:02.334root 11241100x80000000000000003909881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df04782d13248fd62022-01-11 12:20:02.335root 11241100x80000000000000003909882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a6a5b49df8926282022-01-11 12:20:02.335root 11241100x80000000000000003909883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e2dd2a9cc75bce22022-01-11 12:20:02.335root 11241100x80000000000000003909884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f08df92aba5d598a2022-01-11 12:20:02.335root 11241100x80000000000000003909885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b214a21d9e8097b2022-01-11 12:20:02.335root 11241100x80000000000000003909886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da8131399289a0f22022-01-11 12:20:02.335root 11241100x80000000000000003909887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfc456e6f731fe0e2022-01-11 12:20:02.335root 11241100x80000000000000003909888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d487a1a5462d07022022-01-11 12:20:02.335root 11241100x80000000000000003909889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b6a04102eee8e702022-01-11 12:20:02.335root 11241100x80000000000000003909890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af236906e2eb78c82022-01-11 12:20:02.336root 11241100x80000000000000003909891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7749cd11a4e663b2022-01-11 12:20:02.336root 11241100x80000000000000003909892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a81009079d9a86fd2022-01-11 12:20:02.336root 11241100x80000000000000003909893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89f646471415e4b12022-01-11 12:20:02.834root 11241100x80000000000000003909894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b7ce46f1ad7d7902022-01-11 12:20:02.834root 11241100x80000000000000003909895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9201d684875cf032022-01-11 12:20:02.834root 11241100x80000000000000003909896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d426b2e45c9e13b2022-01-11 12:20:02.834root 11241100x80000000000000003909897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8ee296a038132b12022-01-11 12:20:02.834root 11241100x80000000000000003909898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef48052d1d32f8c22022-01-11 12:20:02.834root 11241100x80000000000000003909899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afa480c55af8feaf2022-01-11 12:20:02.834root 11241100x80000000000000003909900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7362c6e3c186b0c32022-01-11 12:20:02.834root 11241100x80000000000000003909901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38847edf9f87a4bd2022-01-11 12:20:02.834root 11241100x80000000000000003909902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1a58613585ec6f92022-01-11 12:20:02.834root 11241100x80000000000000003909903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a591d37a0ac24962022-01-11 12:20:02.834root 11241100x80000000000000003909904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae7d7948b11827232022-01-11 12:20:02.834root 11241100x80000000000000003909905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca315b6a940001a62022-01-11 12:20:02.835root 11241100x80000000000000003909906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f90f2c9ca516c5e2022-01-11 12:20:02.835root 11241100x80000000000000003909907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.269a8588f26128332022-01-11 12:20:02.835root 11241100x80000000000000003909908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdd39db6cf05ddfd2022-01-11 12:20:02.835root 11241100x80000000000000003909909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afffa64418b309422022-01-11 12:20:02.835root 11241100x80000000000000003909910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a72aa7a06d214ea2022-01-11 12:20:03.334root 11241100x80000000000000003909911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.347c5c540187f84f2022-01-11 12:20:03.334root 11241100x80000000000000003909912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.748b3d1ff21437b92022-01-11 12:20:03.334root 11241100x80000000000000003909913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.202218555151724c2022-01-11 12:20:03.334root 11241100x80000000000000003909914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ba059530ce80fa32022-01-11 12:20:03.334root 11241100x80000000000000003909915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f158a6e49203eb252022-01-11 12:20:03.334root 11241100x80000000000000003909916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.223be47076882fd92022-01-11 12:20:03.334root 11241100x80000000000000003909917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31393eff33ba29d22022-01-11 12:20:03.334root 11241100x80000000000000003909918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79f306178005dc592022-01-11 12:20:03.334root 11241100x80000000000000003909919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0d18367185328482022-01-11 12:20:03.334root 11241100x80000000000000003909920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d16a315bf33d93512022-01-11 12:20:03.334root 11241100x80000000000000003909921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b214be1355d482722022-01-11 12:20:03.334root 11241100x80000000000000003909922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4759cddef39ce8d92022-01-11 12:20:03.335root 11241100x80000000000000003909923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90004a479dca7eaa2022-01-11 12:20:03.335root 11241100x80000000000000003909924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a31f4e55d32f2e882022-01-11 12:20:03.335root 11241100x80000000000000003909925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a0cfc19253e95462022-01-11 12:20:03.335root 11241100x80000000000000003909926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01b888f00049ca332022-01-11 12:20:03.335root 11241100x80000000000000003909927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0c1da313845c5342022-01-11 12:20:03.834root 11241100x80000000000000003909928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.691c36589440ed562022-01-11 12:20:03.834root 11241100x80000000000000003909929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1de6bf762a3789192022-01-11 12:20:03.834root 11241100x80000000000000003909930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7666dfde358848ba2022-01-11 12:20:03.834root 11241100x80000000000000003909931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f81b4d1fd46a1e52022-01-11 12:20:03.834root 11241100x80000000000000003909932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8c4eb837e2ce79b2022-01-11 12:20:03.834root 11241100x80000000000000003909933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98cdcdf0d049160c2022-01-11 12:20:03.834root 11241100x80000000000000003909934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2bd08c8716ea5e72022-01-11 12:20:03.834root 11241100x80000000000000003909935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f43b2e5a3b4e6b92022-01-11 12:20:03.834root 11241100x80000000000000003909936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25a0d6d594b5203c2022-01-11 12:20:03.834root 11241100x80000000000000003909937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3a39f7cfb07527b2022-01-11 12:20:03.834root 11241100x80000000000000003909938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f027b239dc04fe82022-01-11 12:20:03.835root 11241100x80000000000000003909939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6a65dd31673e6132022-01-11 12:20:03.835root 11241100x80000000000000003909940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf6a07dd9b2416c62022-01-11 12:20:03.835root 11241100x80000000000000003909941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.367dad3e024c22ef2022-01-11 12:20:03.835root 11241100x80000000000000003909942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8ee38b1085ed55f2022-01-11 12:20:03.835root 11241100x80000000000000003909943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37ff48fdc2435c492022-01-11 12:20:03.835root 11241100x80000000000000003909944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3169af5b6e732d122022-01-11 12:20:04.334root 11241100x80000000000000003909945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0abd99633c44d7de2022-01-11 12:20:04.334root 11241100x80000000000000003909946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e779fef5962d07e2022-01-11 12:20:04.334root 11241100x80000000000000003909947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a493ca73fb7d6a1a2022-01-11 12:20:04.334root 11241100x80000000000000003909948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee890386a10b3c7c2022-01-11 12:20:04.334root 11241100x80000000000000003909949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8114dea36f5cfbb42022-01-11 12:20:04.334root 11241100x80000000000000003909950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5003e1a2036916432022-01-11 12:20:04.334root 11241100x80000000000000003909951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bb6746a2b82c3c42022-01-11 12:20:04.334root 11241100x80000000000000003909952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28d415d2f1c81d892022-01-11 12:20:04.334root 11241100x80000000000000003909953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76d86b02788b0b422022-01-11 12:20:04.334root 11241100x80000000000000003909954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a50ae4559c21d03a2022-01-11 12:20:04.334root 11241100x80000000000000003909955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.612ec954732d27b22022-01-11 12:20:04.335root 11241100x80000000000000003909956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2f960727c0b7a7a2022-01-11 12:20:04.335root 11241100x80000000000000003909957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fe75c110584cad32022-01-11 12:20:04.335root 11241100x80000000000000003909958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c96b44bf61a75c32022-01-11 12:20:04.335root 11241100x80000000000000003909959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b69891ac043439472022-01-11 12:20:04.335root 11241100x80000000000000003909960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.354a2b1f126613232022-01-11 12:20:04.335root 11241100x80000000000000003909961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f2feab9ac79f1882022-01-11 12:20:04.834root 11241100x80000000000000003909962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0c97be72ac93e212022-01-11 12:20:04.834root 11241100x80000000000000003909963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c513d283e65e2a342022-01-11 12:20:04.834root 11241100x80000000000000003909964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7b17f21f917db962022-01-11 12:20:04.834root 11241100x80000000000000003909965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93935a700210faf42022-01-11 12:20:04.834root 11241100x80000000000000003909966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46083924184c87fd2022-01-11 12:20:04.834root 11241100x80000000000000003909967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9538b7f5cf97cdd52022-01-11 12:20:04.834root 11241100x80000000000000003909968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.351f2fd313cd5ccd2022-01-11 12:20:04.835root 11241100x80000000000000003909969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8a7d0be84cf98572022-01-11 12:20:04.835root 11241100x80000000000000003909970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dafcf8cf667e6d622022-01-11 12:20:04.835root 11241100x80000000000000003909971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f467e99aaaa3cf572022-01-11 12:20:04.835root 11241100x80000000000000003909972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.541b66343c0751b62022-01-11 12:20:04.835root 11241100x80000000000000003909973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f643f03ca3f78ca2022-01-11 12:20:04.835root 11241100x80000000000000003909974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60587aa1a6a96ec42022-01-11 12:20:04.835root 11241100x80000000000000003909975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec759d0b7a4337a42022-01-11 12:20:04.835root 11241100x80000000000000003909976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16bca8a8c8af71a52022-01-11 12:20:04.836root 11241100x80000000000000003909977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9e7c6565cdc30ca2022-01-11 12:20:04.836root 11241100x80000000000000003909978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d8bedd444d36b6c2022-01-11 12:20:05.334root 11241100x80000000000000003909979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea99d18270c5fcc92022-01-11 12:20:05.334root 11241100x80000000000000003909980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a3d95d52eb30a9b2022-01-11 12:20:05.334root 11241100x80000000000000003909981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5db272d085918782022-01-11 12:20:05.334root 11241100x80000000000000003909982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.567282fe94cb315a2022-01-11 12:20:05.335root 11241100x80000000000000003909983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c673057908849eb2022-01-11 12:20:05.335root 11241100x80000000000000003909984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1ff556ef45398172022-01-11 12:20:05.335root 11241100x80000000000000003909985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93e23efa4db7ba232022-01-11 12:20:05.335root 11241100x80000000000000003909986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.543d9dd9eedbda2d2022-01-11 12:20:05.335root 11241100x80000000000000003909987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c95cdc405d778b72022-01-11 12:20:05.335root 11241100x80000000000000003909988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fadcdfd775c009e2022-01-11 12:20:05.335root 11241100x80000000000000003909989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d4800a3c5d1ccb82022-01-11 12:20:05.335root 11241100x80000000000000003909990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f69fd993dc3768ed2022-01-11 12:20:05.335root 11241100x80000000000000003909991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de28a65032aa48062022-01-11 12:20:05.335root 11241100x80000000000000003909992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44afcc5d5d835cc02022-01-11 12:20:05.335root 11241100x80000000000000003909993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a374318dd33695d2022-01-11 12:20:05.336root 11241100x80000000000000003909994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7d26730103b889b2022-01-11 12:20:05.336root 11241100x80000000000000003909995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d30d059858d859e2022-01-11 12:20:05.834root 11241100x80000000000000003909996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f83d344084d3b0312022-01-11 12:20:05.834root 11241100x80000000000000003909997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf2c63abd32fc1012022-01-11 12:20:05.834root 11241100x80000000000000003909998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60e8eb2c0ff1730b2022-01-11 12:20:05.834root 11241100x80000000000000003909999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b22cd6976bbbd4002022-01-11 12:20:05.834root 11241100x80000000000000003910000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1e66a791e61925a2022-01-11 12:20:05.834root 11241100x80000000000000003910001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.326a63014e84b5112022-01-11 12:20:05.834root 11241100x80000000000000003910002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2f04a08ca4ab2c42022-01-11 12:20:05.834root 11241100x80000000000000003910003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7c3905eac45786b2022-01-11 12:20:05.834root 11241100x80000000000000003910004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65f6ce56d2958a402022-01-11 12:20:05.834root 11241100x80000000000000003910005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b1a1805dbe135dc2022-01-11 12:20:05.834root 11241100x80000000000000003910006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3923ef76997c9dd92022-01-11 12:20:05.834root 11241100x80000000000000003910007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f10242009b8998372022-01-11 12:20:05.835root 11241100x80000000000000003910008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5d3087d058c59d82022-01-11 12:20:05.835root 11241100x80000000000000003910009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37f4aad5bc68850a2022-01-11 12:20:05.835root 11241100x80000000000000003910010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.256073283a584c6e2022-01-11 12:20:05.835root 11241100x80000000000000003910011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.156b51e1f87cbc152022-01-11 12:20:05.835root 11241100x80000000000000003910012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c485a85258210aae2022-01-11 12:20:06.334root 11241100x80000000000000003910013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6edd300b285df2992022-01-11 12:20:06.334root 11241100x80000000000000003910014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f527a0d6efe2fc42022-01-11 12:20:06.334root 11241100x80000000000000003910015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d40394cbe17f4ac32022-01-11 12:20:06.334root 11241100x80000000000000003910016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fcf2803e67222172022-01-11 12:20:06.334root 11241100x80000000000000003910017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3144870b381dd8b92022-01-11 12:20:06.334root 11241100x80000000000000003910018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1bb571f39604c352022-01-11 12:20:06.334root 11241100x80000000000000003910019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bf7d153ddf2bf682022-01-11 12:20:06.334root 11241100x80000000000000003910020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1407b4cf1a899a22022-01-11 12:20:06.334root 11241100x80000000000000003910021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bdcf01e63d334162022-01-11 12:20:06.334root 11241100x80000000000000003910022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f27ad54b8115dcb2022-01-11 12:20:06.335root 11241100x80000000000000003910023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.099e565b894a0fa42022-01-11 12:20:06.335root 11241100x80000000000000003910024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0cda640fa22adc72022-01-11 12:20:06.335root 11241100x80000000000000003910025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c4b71a82e8478f92022-01-11 12:20:06.335root 11241100x80000000000000003910026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2476d57f6aef8b7c2022-01-11 12:20:06.335root 11241100x80000000000000003910027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71b84c7de92be84d2022-01-11 12:20:06.335root 11241100x80000000000000003910028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d8711f36dd336dc2022-01-11 12:20:06.335root 11241100x80000000000000003910029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6c1158e6e6c5dd62022-01-11 12:20:06.834root 11241100x80000000000000003910030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.beee96e8a046e3222022-01-11 12:20:06.834root 11241100x80000000000000003910031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9484d3298f2439e2022-01-11 12:20:06.834root 11241100x80000000000000003910032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8886a89845027ac2022-01-11 12:20:06.834root 11241100x80000000000000003910033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f37cd972ab65180a2022-01-11 12:20:06.834root 11241100x80000000000000003910034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dffd0132406b8da2022-01-11 12:20:06.834root 11241100x80000000000000003910035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b61798649155330f2022-01-11 12:20:06.834root 11241100x80000000000000003910036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11bd417d6deeda282022-01-11 12:20:06.834root 11241100x80000000000000003910037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25cdfb3a413de9642022-01-11 12:20:06.834root 11241100x80000000000000003910038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0afbf4df84b270572022-01-11 12:20:06.834root 11241100x80000000000000003910039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f083381011da0792022-01-11 12:20:06.834root 11241100x80000000000000003910040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5089e09f93b47aff2022-01-11 12:20:06.834root 11241100x80000000000000003910041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f92d0057f2c29af2022-01-11 12:20:06.835root 11241100x80000000000000003910042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81045b59dc90b8aa2022-01-11 12:20:06.835root 11241100x80000000000000003910043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2faf82b42ba46952022-01-11 12:20:06.835root 11241100x80000000000000003910044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ab946d9651ac0802022-01-11 12:20:06.835root 11241100x80000000000000003910045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20f5a098e28435582022-01-11 12:20:06.835root 354300x80000000000000003910046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.069{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56286-false10.0.1.12-8000- 11241100x80000000000000003910047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b326e91f265f3e52022-01-11 12:20:07.334root 11241100x80000000000000003910048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.420c7cf7c2d7b6172022-01-11 12:20:07.334root 11241100x80000000000000003910049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b536c8f8e0b53ec02022-01-11 12:20:07.334root 11241100x80000000000000003910050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.750d1aba93a595162022-01-11 12:20:07.334root 11241100x80000000000000003910051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08ed290d896b92962022-01-11 12:20:07.334root 11241100x80000000000000003910052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec353ceba811526a2022-01-11 12:20:07.334root 11241100x80000000000000003910053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8084f71cbb930ddb2022-01-11 12:20:07.334root 11241100x80000000000000003910054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d6aaf9b1ab40e1b2022-01-11 12:20:07.334root 11241100x80000000000000003910055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9487eff6bc0acf232022-01-11 12:20:07.334root 11241100x80000000000000003910056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b492fef31b32d11e2022-01-11 12:20:07.334root 11241100x80000000000000003910057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fadcce0dbf4990d92022-01-11 12:20:07.334root 11241100x80000000000000003910058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75365c7c570149d62022-01-11 12:20:07.334root 11241100x80000000000000003910059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7aaae35479b4fbc2022-01-11 12:20:07.335root 11241100x80000000000000003910060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7df4797fe5f6ee62022-01-11 12:20:07.335root 11241100x80000000000000003910061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9dbee43f2d8f39e2022-01-11 12:20:07.335root 11241100x80000000000000003910062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6b624f7382867ca2022-01-11 12:20:07.335root 11241100x80000000000000003910063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b498f8746056c212022-01-11 12:20:07.335root 11241100x80000000000000003910064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af9a28e9710bf4fd2022-01-11 12:20:07.335root 11241100x80000000000000003910065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5260d1ad802897d42022-01-11 12:20:07.834root 11241100x80000000000000003910066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddc7560ca2eb2a702022-01-11 12:20:07.834root 11241100x80000000000000003910067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b85fb9d2f162d0bd2022-01-11 12:20:07.834root 11241100x80000000000000003910068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7f0b0f3338be1bf2022-01-11 12:20:07.834root 11241100x80000000000000003910069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c50b7b2a8737e482022-01-11 12:20:07.834root 11241100x80000000000000003910070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c3f34a7fa86b83e2022-01-11 12:20:07.834root 11241100x80000000000000003910071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed14f8f5f0786e4a2022-01-11 12:20:07.834root 11241100x80000000000000003910072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e67962a4e2212692022-01-11 12:20:07.834root 11241100x80000000000000003910073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc4e6b47eaffd6f72022-01-11 12:20:07.834root 11241100x80000000000000003910074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf272c490ee1497f2022-01-11 12:20:07.834root 11241100x80000000000000003910075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cc95008a816e6732022-01-11 12:20:07.835root 11241100x80000000000000003910076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a41ac5029912a6f2022-01-11 12:20:07.835root 11241100x80000000000000003910077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a037241ba1ee5c052022-01-11 12:20:07.835root 11241100x80000000000000003910078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.542f2ab0d1f721772022-01-11 12:20:07.835root 11241100x80000000000000003910079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.759edc668f240ef12022-01-11 12:20:07.835root 11241100x80000000000000003910080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba38a2089b7014ab2022-01-11 12:20:07.835root 11241100x80000000000000003910081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57bac0e693ba58a12022-01-11 12:20:07.835root 11241100x80000000000000003910082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d77f2884a56603842022-01-11 12:20:07.835root 11241100x80000000000000003910083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6ee010fac33dddc2022-01-11 12:20:08.334root 11241100x80000000000000003910084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22d7fca324753a762022-01-11 12:20:08.334root 11241100x80000000000000003910085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72803d522dd8884d2022-01-11 12:20:08.334root 11241100x80000000000000003910086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09c0970b6a597d2c2022-01-11 12:20:08.334root 11241100x80000000000000003910087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.091a171c06950d682022-01-11 12:20:08.334root 11241100x80000000000000003910088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b21190c8121a08772022-01-11 12:20:08.334root 11241100x80000000000000003910089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8c14f088f1e5fd52022-01-11 12:20:08.335root 11241100x80000000000000003910090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3274458af9ace932022-01-11 12:20:08.335root 11241100x80000000000000003910091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b06f74f916a1c2c12022-01-11 12:20:08.335root 11241100x80000000000000003910092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d77bfc47dae12e7a2022-01-11 12:20:08.335root 11241100x80000000000000003910093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aad74767ed4c84722022-01-11 12:20:08.335root 11241100x80000000000000003910094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.899cc5cd72db0b452022-01-11 12:20:08.335root 11241100x80000000000000003910095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6f5c0e40eddcb242022-01-11 12:20:08.335root 11241100x80000000000000003910096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d96d7daf35c432892022-01-11 12:20:08.335root 11241100x80000000000000003910097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fed84c13d476c5382022-01-11 12:20:08.335root 11241100x80000000000000003910098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bae6c4f80fcbedc32022-01-11 12:20:08.336root 11241100x80000000000000003910099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00983a2a38b579212022-01-11 12:20:08.336root 11241100x80000000000000003910100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.977f9d379c7e7ae32022-01-11 12:20:08.336root 11241100x80000000000000003910101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa988013d5e659172022-01-11 12:20:08.834root 11241100x80000000000000003910102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4e3667433089feb2022-01-11 12:20:08.834root 11241100x80000000000000003910103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca8c21f02ab445ca2022-01-11 12:20:08.834root 11241100x80000000000000003910104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61c2527abd7aca652022-01-11 12:20:08.834root 11241100x80000000000000003910105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93b6469085402d452022-01-11 12:20:08.834root 11241100x80000000000000003910106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0517a17a2d3bb9042022-01-11 12:20:08.834root 11241100x80000000000000003910107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8d28cb278e09cb92022-01-11 12:20:08.834root 11241100x80000000000000003910108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15c7cb7f8df7fbd22022-01-11 12:20:08.835root 11241100x80000000000000003910109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0aa043448913dac72022-01-11 12:20:08.835root 11241100x80000000000000003910110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c20da1bd13ef5132022-01-11 12:20:08.835root 11241100x80000000000000003910111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d685f17513f951f22022-01-11 12:20:08.835root 11241100x80000000000000003910112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e70ea82e5e29be62022-01-11 12:20:08.835root 11241100x80000000000000003910113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74c9f293b3fc16c12022-01-11 12:20:08.835root 11241100x80000000000000003910114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e6f126e782f32072022-01-11 12:20:08.835root 11241100x80000000000000003910115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e65213162e3cf8572022-01-11 12:20:08.835root 11241100x80000000000000003910116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b050238cfe7fee9f2022-01-11 12:20:08.835root 11241100x80000000000000003910117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04914e8392c989c62022-01-11 12:20:08.836root 11241100x80000000000000003910118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e38183e18d34b3a22022-01-11 12:20:08.836root 11241100x80000000000000003910119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1795dfd030b03052022-01-11 12:20:09.334root 11241100x80000000000000003910120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddf6d3087ea117a12022-01-11 12:20:09.334root 11241100x80000000000000003910121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb6884e387ae63392022-01-11 12:20:09.334root 11241100x80000000000000003910122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffe7e3f2c197af042022-01-11 12:20:09.334root 11241100x80000000000000003910123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2cf5899aacaaab22022-01-11 12:20:09.334root 11241100x80000000000000003910124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46011dc09ee01ae52022-01-11 12:20:09.335root 11241100x80000000000000003910125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc8c04f3248116e42022-01-11 12:20:09.335root 11241100x80000000000000003910126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40b12b8f6209e6ef2022-01-11 12:20:09.335root 11241100x80000000000000003910127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96fdc84376dc8dd42022-01-11 12:20:09.335root 11241100x80000000000000003910128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ece0b5d337c9fbe22022-01-11 12:20:09.335root 11241100x80000000000000003910129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f16fdbf3def43eb82022-01-11 12:20:09.335root 11241100x80000000000000003910130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.404986d17464c04e2022-01-11 12:20:09.335root 11241100x80000000000000003910131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f43a1a07a126daad2022-01-11 12:20:09.335root 11241100x80000000000000003910132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.880a084bb428dc1b2022-01-11 12:20:09.335root 11241100x80000000000000003910133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.091ed0ac6832ee9a2022-01-11 12:20:09.336root 11241100x80000000000000003910134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7badb9e16bfd16162022-01-11 12:20:09.336root 11241100x80000000000000003910135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d8b7b7202c28c912022-01-11 12:20:09.336root 11241100x80000000000000003910136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96e472eb8b4ed7d62022-01-11 12:20:09.336root 11241100x80000000000000003910137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.588be26fa96cd3ca2022-01-11 12:20:09.834root 11241100x80000000000000003910138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9a17851126c99172022-01-11 12:20:09.834root 11241100x80000000000000003910139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ea52448b8a7d1142022-01-11 12:20:09.834root 11241100x80000000000000003910140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80be1026146521ec2022-01-11 12:20:09.834root 11241100x80000000000000003910141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa60df442b39a6032022-01-11 12:20:09.835root 11241100x80000000000000003910142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63d654fdbb62bf102022-01-11 12:20:09.835root 11241100x80000000000000003910143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25df2bd2d24af65b2022-01-11 12:20:09.835root 11241100x80000000000000003910144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77bb211b33d2eaa82022-01-11 12:20:09.835root 11241100x80000000000000003910145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f04d44bcd8b603d42022-01-11 12:20:09.835root 11241100x80000000000000003910146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c84196fadc49077a2022-01-11 12:20:09.835root 11241100x80000000000000003910147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e80897a961ed9012022-01-11 12:20:09.835root 11241100x80000000000000003910148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e62d07216d7ac4112022-01-11 12:20:09.836root 11241100x80000000000000003910149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3462d265f67a815e2022-01-11 12:20:09.836root 11241100x80000000000000003910150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1872e06e4f690fb82022-01-11 12:20:09.836root 11241100x80000000000000003910151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1cd430103d31eb62022-01-11 12:20:09.836root 11241100x80000000000000003910152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b59f3510ccfae48d2022-01-11 12:20:09.836root 11241100x80000000000000003910153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7c5b49bfb58f0642022-01-11 12:20:09.836root 11241100x80000000000000003910154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a4c54797b544bd52022-01-11 12:20:09.836root 11241100x80000000000000003910155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e25e8f4f07d012902022-01-11 12:20:10.334root 11241100x80000000000000003910156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4101fdb2a8f795b52022-01-11 12:20:10.334root 1124